Return-Path: X-Original-To: apmail-trafficserver-users-archive@www.apache.org Delivered-To: apmail-trafficserver-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id C517E1006C for ; Wed, 7 Aug 2013 03:45:52 +0000 (UTC) Received: (qmail 68387 invoked by uid 500); 7 Aug 2013 03:45:52 -0000 Delivered-To: apmail-trafficserver-users-archive@trafficserver.apache.org Received: (qmail 68094 invoked by uid 500); 7 Aug 2013 03:45:51 -0000 Mailing-List: contact users-help@trafficserver.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@trafficserver.apache.org Delivered-To: mailing list users@trafficserver.apache.org Received: (qmail 68082 invoked by uid 99); 7 Aug 2013 03:45:50 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 07 Aug 2013 03:45:50 +0000 X-ASF-Spam-Status: No, hits=0.0 required=5.0 tests= X-Spam-Check-By: apache.org Received-SPF: error (nike.apache.org: local policy) Received: from [71.6.165.248] (HELO kramer.ogre.com) (71.6.165.248) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 07 Aug 2013 03:45:44 +0000 Received: from surfer-30-3-143.surfnet.iacbox ([85.183.130.146]) (authenticated bits=0) by kramer.ogre.com (8.14.5/8.14.5) with ESMTP id r773ixhx029969 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT) for ; Tue, 6 Aug 2013 20:45:01 -0700 Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\)) Subject: Re: ssl termination does not work From: Leif Hedstrom In-Reply-To: <52018CA9.9030703@thelounge.net> Date: Wed, 7 Aug 2013 05:45:00 +0200 Content-Transfer-Encoding: quoted-printable Message-Id: References: <52018CA9.9030703@thelounge.net> To: users@trafficserver.apache.org X-Mailer: Apple Mail (2.1508) X-Virus-Checked: Checked by ClamAV on apache.org On Aug 7, 2013, at 1:54 AM, Reindl Harald = wrote: > Hi >=20 > anybody an idea what's wrong here? > see errors from "traffic.out" blow > trafficserver-3.2.5-3.fc19.20130803.rh.x86_64 >=20 > finally i want paly around with having apache only on 127.0.0.1 > without mod_ssl and trafficserver making the ssl-termination, in > the first step ip-based like httpd and if possible finally with > SNI for more than one vhost, well but i do not get the basics work >=20 > Firefox: > An error occurred during a connection to rhsoft.testserver. > Cannot communicate securely with peer: no common encryption = algorithm(s). > (Error code: ssl_error_no_cypher_overlap) I've typically seen these types of errors if no certificates are loaded. = Maybe check your logs, and/or run it with a Diags tracer of "ssl" = (without quotes) and see if it can give you any details. -- Leif