Hi Laurence, I propose you try to isolate your problem. Try to get an ssl-setup without the authentication, rsa and securid stuff working. If mod_ssl still does not work, then you know where to dig further. Right now, it is difficult to tell where the problem actually lies. When you are locking down the problem, you can try to run but a single serving apache process (in prefork mode) and then truss/strace on that process and see what he does before the request dies. just 2 cents, Christian On Tue, Aug 08, 2006 at 09:31:05AM -0400, Cohen, Laurence wrote: > Hi, > > > > I'm having trouble getting SSL to work on my apache 2.055 webserver, > running on Solaris 8. When I start the server up, everthing looks OK in > the error_log. > > > > start child 21965 > > rpc_server 21964 started by 21953 > > [Tue Aug 08 09:14:31 2006] [info] Init: Initializing OpenSSL library > > [Tue Aug 08 09:14:31 2006] [info] Init: Seeding PRNG with 136 bytes of > entropy > > [Tue Aug 08 09:14:31 2006] [info] Loading certificate & private key of > SSL-awar > > e server > > [Tue Aug 08 09:14:31 2006] [info] Init: Generating temporary RSA private > keys ( > > 512/1024 bits) > > [Tue Aug 08 09:14:32 2006] [info] Init: Generating temporary DH > parameters (512 > > /1024 bits) > > [Tue Aug 08 09:14:32 2006] [info] Init: Initializing (virtual) servers > for SSL > > [Tue Aug 08 09:14:32 2006] [info] Configuring server for SSL protocol > > [Tue Aug 08 09:14:32 2006] [info] Server: Apache/2.0.55, Interface: > mod_ssl/2.0 > > .55, Library: OpenSSL/0.9.8b > > AceShutdown try to kill process 21964 > > signal 15 received > > start child 21980 > > [Tue Aug 08 09:14:33 2006] [notice] Digest: generating secret for digest > authen > > tication ... > > [Tue Aug 08 09:14:33 2006] [notice] Digest: done > > [Tue Aug 08 09:14:33 2006] [info] Init: Initializing OpenSSL library > > [Tue Aug 08 09:14:33 2006] [info] Init: Seeding PRNG with 136 bytes of > entropy > > [Tue Aug 08 09:14:33 2006] [info] Loading certificate & private key of > SSL-awar > > e server > > [Tue Aug 08 09:14:33 2006] [info] Init: Generating temporary RSA private > keys ( > > 512/1024 bits) > > [Tue Aug 08 09:14:34 2006] [info] Init: Generating temporary DH > parameters (512 > > /1024 bits) > > [Tue Aug 08 09:14:34 2006] [info] Init: Initializing (virtual) servers > for SSL > > [Tue Aug 08 09:14:34 2006] [info] Configuring server for SSL protocol > > [Tue Aug 08 09:14:34 2006] [info] Server: Apache/2.0.55, Interface: > mod_ssl/2.0 > > .55, Library: OpenSSL/0.9.8b > > [Tue Aug 08 09:14:34 2006] [notice] Apache configured -- resuming normal > operat > > ions > > [Tue Aug 08 09:14:34 2006] [info] Server built: Jun 5 2006 13:35:49 > > > > Then when I try to connect using IE 6.0 I get the following in the > error_log. > > > > > > [Tue Aug 08 09:17:08 2006] [info] Connection to child 0 established > (server sniffy.cnttr.dtra.mil:443, client 204.44.136.2) > > [Tue Aug 08 09:17:08 2006] [info] Seeding PRNG with 136 bytes of entropy > > [Tue Aug 08 09:17:08 2006] [info] (70014)End of file found: SSL input > filter read failed. > > [Tue Aug 08 09:17:08 2006] [info] Connection to child 0 closed with > standard shutdown(server sniffy.cnttr.dtra.mil:443, client 204.44.136.2) > > [Tue Aug 08 09:17:09 2006] [info] Connection to child 3 established > (server sniffy.cnttr.dtra.mil:443, client 204.44.136.2) > > [Tue Aug 08 09:17:09 2006] [info] Seeding PRNG with 136 bytes of entropy > > > > If I try to connect using Firefox, I don't get the "End of file found" > error, and I get the following entries. > > > > > > [Tue Aug 08 09:18:01 2006] [info] Connection to child 2 established > (server sniffy.cnttr.dtra.mil:443, client 204.44.136.2) > > [Tue Aug 08 09:18:01 2006] [info] Seeding PRNG with 136 bytes of entropy > > > > Neither browser ever connects to the website. The website comes up just > fine if I go through port 8443, which is actually connecting to a > content management server which is java based. Also, the browser is > supposed to be starting the RSA Webagent which will bring up a login > using a SecureID token. If I look at the log in debug mode, I do see it > trying to start the RSA Webagent, but it just stops there. Any ideas > what I could be doing wrong? Oh, and just in case anyone was wondering > about the firewall ports, port 443 is open on the firewall and I can > telnet to this port when the webserver is running. > > > > Thanks in advance! > > > > Laurence H Cohen > > SRA International > > > --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx