Hi,
I’m having trouble getting SSL to work on my apache 2.055 webserver, running on Solaris 8. When I start the server up, everthing looks OK in the error_log.
start child 21965 rpc_server 21964 started by 21953 [Tue Aug 08 09:14:31 2006] [info] Init: Initializing OpenSSL library [Tue Aug 08 09:14:31 2006] [info] Init: Seeding PRNG with 136 bytes of entropy [Tue Aug 08 09:14:31 2006] [info] Loading certificate & private key of SSL-awar e server [Tue Aug 08 09:14:31 2006] [info] Init: Generating temporary RSA private keys ( 512/1024 bits) [Tue Aug 08 09:14:32 2006] [info] Init: Generating temporary DH parameters (512 /1024 bits) [Tue Aug 08 09:14:32 2006] [info] Init: Initializing (virtual) servers for SSL [Tue Aug 08 09:14:32 2006] [info] Configuring server for SSL protocol [Tue Aug 08 09:14:32 2006] [info] Server: Apache/2.0.55, Interface: mod_ssl/2.0 .55, Library: OpenSSL/0.9.8b AceShutdown try to kill process 21964 signal 15 received start child 21980 [Tue Aug 08 09:14:33 2006] [notice] Digest: generating secret for digest authen tication ... [Tue Aug 08 09:14:33 2006] [notice] Digest: done [Tue Aug 08 09:14:33 2006] [info] Init: Initializing OpenSSL library [Tue Aug 08 09:14:33 2006] [info] Init: Seeding PRNG with 136 bytes of entropy [Tue Aug 08 09:14:33 2006] [info] Loading certificate & private key of SSL-awar e server [Tue Aug 08 09:14:33 2006] [info] Init: Generating temporary RSA private keys ( 512/1024 bits) [Tue Aug 08 09:14:34 2006] [info] Init: Generating temporary DH parameters (512 /1024 bits) [Tue Aug 08 09:14:34 2006] [info] Init: Initializing (virtual) servers for SSL [Tue Aug 08 09:14:34 2006] [info] Configuring server for SSL protocol [Tue Aug 08 09:14:34 2006] [info] Server: Apache/2.0.55, Interface: mod_ssl/2.0 .55, Library: OpenSSL/0.9.8b [Tue Aug 08 09:14:34 2006] [notice] Apache configured -- resuming normal operat ions [Tue Aug 08 09:14:34 2006] [info] Server built: Jun 5 2006 13:35:49
Then when I try to connect using IE 6.0 I get the following in the error_log.
[Tue Aug 08 09:17:08 2006] [info] Connection to child 0 established (server sniffy.cnttr.dtra.mil:443, client 204.44.136.2) [Tue Aug 08 09:17:08 2006] [info] Seeding PRNG with 136 bytes of entropy [Tue Aug 08 09:17:08 2006] [info] (70014)End of file found: SSL input filter read failed. [Tue Aug 08 09:17:08 2006] [info] Connection to child 0 closed with standard shutdown(server sniffy.cnttr.dtra.mil:443, client 204.44.136.2) [Tue Aug 08 09:17:09 2006] [info] Connection to child 3 established (server sniffy.cnttr.dtra.mil:443, client 204.44.136.2) [Tue Aug 08 09:17:09 2006] [info] Seeding PRNG with 136 bytes of entropy
If I try to connect using Firefox, I don’t get the “End of file found” error, and I get the following entries.
[Tue Aug 08 09:18:01 2006] [info] Connection to child 2 established (server sniffy.cnttr.dtra.mil:443, client 204.44.136.2) [Tue Aug 08 09:18:01 2006] [info] Seeding PRNG with 136 bytes of entropy
Neither browser ever connects to the website. The website comes up just fine if I go through port 8443, which is actually connecting to a content management server which is java based. Also, the browser is supposed to be starting the RSA Webagent which will bring up a login using a SecureID token. If I look at the log in debug mode, I do see it trying to start the RSA Webagent, but it just stops there. Any ideas what I could be doing wrong? Oh, and just in case anyone was wondering about the firewall ports, port 443 is open on the firewall and I can telnet to this port when the webserver is running.
Thanks in advance!
Laurence H Cohen SRA International
|