Though I don't have a response yet. Issue already resolved Hope this helps someone else I had V-hosts on same IP for http and https On the former <VirtualHost --IP-Addr--> was changed to <VirtualHost --IP-Addr--:80> and that's it. Since I didn't have the port # 80, the server didn't allow the SSL connection to the 443 port, it was intercepted by the first V-host. though netstat showed server listening on port 443, apache's port 80 V-host would intercept and throw back the error. Regards Aman Raheja http://www.techquotes.com Aman wrote: > Some more verbosity > > # openssl s_client -connect <IP-address>:443 -state -debug > CONNECTED(00000003) > SSL_connect:before/connect initialization > write to 080AECC8 [080AF208] (142 bytes => 142 (0x8E)) > 0000 - 80 8c 01 03 01 00 63 00-00 00 20 00 00 39 00 00 ......c... ..9.. > 0010 - 38 00 00 35 00 00 16 00-00 13 00 00 0a 07 00 c0 8..5............ > 0020 - 00 00 33 00 00 32 00 00-2f 03 00 80 00 00 66 00 ..3..2../.....f. > 0030 - 00 05 00 00 04 01 00 80-08 00 80 00 00 63 00 00 .............c.. > 0040 - 62 00 00 61 00 00 15 00-00 12 00 00 09 06 00 40 b..a...........@ > 0050 - 00 00 65 00 00 64 00 00-60 00 00 14 00 00 11 00 ..e..d..`....... > 0060 - 00 08 00 00 06 04 00 80-00 00 03 02 00 80 0c 99 ................ > 0070 - a0 e4 3a 9c 23 71 27 88-bb de 34 70 30 97 00 ea ..:.#q'...4p0... > 0080 - a8 7e c7 96 21 80 c4 a8-c3 e1 47 f3 59 b1 .~..!.....G.Y. > SSL_connect:SSLv2/v3 write client hello A > read from 080AECC8 [080B4768] (7 bytes => 7 (0x7)) > 0000 - 3c 21 44 4f 43 54 59 <!DOCTY > SSL_connect:error in SSLv2/v3 read server hello A > 28314:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown > protocol:s23_clnt.c:475: > > > Please advice what could be wrong? > Thanks > Aman > > > On 14 Jan 2007 14:19:20 -0000, "Aman" <amanraheja@xxxxxxxxxxxxxx> wrote : > > >> I have 3 SSL sites configured on the server. >> Two are working absolutely fine and for the one I am configuring now - >> doesn't work. Here's the output of manual test. Please suggest. >> >> # openssl s_client -connect <IP-addr>:443 >> CONNECTED(00000003) >> 18069:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown >> protocol:s23_clnt.c:475: >> >> >> Thank you. >> Aman >> >> >> >> > > > --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|