On Debian Stable: Apache/2.0.54 (Debian GNU/Linux) mod_ssl/2.0.54 OpenSSL/0.9.7e DAV/2 SVN/1.1.4 The front-end server is Internet facing and listens to port 80 and 443 SSL. It proxies request to a back-end Apache mod_perl server. I have one user that when they post a form *in SSL* mode the post fails due to lack of correctly posted data: The content-length header is zero. When they post to a form that is not SSL then it works fine. This seems to be the case of: http://support.microsoft.com/default.aspx?kbid=831167 And discussed here: http://geekswithblogs.net/timh/archive/2006/01/26/67183.aspx I can dump request headers on the mod_perl server and I can see the request has a content-length of zero: Here's the request headers on the back-end server: Cache-Control: no-cache Via: 1.1 foo Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-powerpoint, application/vnd.ms-excel, application/msword, application/x-shockwave-flash, */* Accept-Encoding: gzip, deflate Accept-Language: en-us Host: 127.0.0.1:10443 Max-Forwards: 10 Referer: https://foo/workshop/register/billing User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Content-Length: 0 Content-Type: application/x-www-form-urlencoded Cookie: session=2e4e14be71afa8ae92dea02cb9c4a4a3899999d3 X-Forwarded-For: 64.166... X-Forwarded-Host: foo X-Forwarded-Server: foo What I'm not clear on is that Microsoft report says this is a result of a change to IE that makes IE: ...retries POST requests when a Web server resets the connection. Programs that use Windows Internet (Wininet) application programming interface (API) functions to post data (such as a user name or a password) to a Web server retry the POST request without including the POST data if the Web server closes (or resets) the initial connection request. Since my SSL server is on the front end I can't (or don't know how to) see the actual request headers. But the front access_log only shows *one* POST so I don't see how it would be retrying the request. That is, how do I know if the front-end server is resetting the request? Is this something at the tcp level (I could see with ethereal) or something within the SSL http request that I couldn't see with ethereal/wireshark? Or is Microsoft making this up and just failing to submit the posted data for some reason when in SSL mode. -- Bill Moseley moseley@xxxxxxxx --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx