Hi expert,
my application crashes (BMC Remedy) in the same point.
This is my enviroment: Client --> SSL to Apache Prox --> Tomcat on 8996.
In the apache log i'm reading this error:
[Thu Jul 01 16:37:25 2010] [debug] ssl_engine_io.c(1821): OpenSSL: I/O error, 3237 bytes expected to read on BIO#8a2fdf8 [mem: 8a4d420]
[Thu Jul 01 16:37:25 2010] [info] [client 10.10.0.1] (104)Connection reset by peer: SSL input filter read failed.
[Thu Jul 01 16:37:25 2010] [error] [client 10.173.202.231] (104)Connection reset by peer: proxy: error reading status line from remote server 10.10.0.1, referer: https://itsmtest/arsys/atrium/AtriumConsole.swf
[Thu Jul 01 16:37:25 2010] [debug] mod_proxy_http.c(1466): [client 10.173.202.231] proxy: NOT Closing connection to client although reading from backend server 10.10.0.1 failed., referer: https://itsmtest/arsys/atrium/AtriumConsole.swf
[Thu Jul 01 16:37:25 2010] [error] [client 10.173.202.231] proxy: Error reading from remote server returned by /arsys/plugins/AtriumWidget/messagebroker/amfsecure, referer: https://itsmtest/arsys/atrium/AtriumConsole.swf
[Thu Jul 01 16:37:25 2010] [debug] proxy_util.c(2062): proxy: HTTPS: has released connection for (10.10.0.1)
What kind of check can I do?
Many thanks for all suggest, as usual
Cheers,
Mauri
this is my server:
[root@Proxy1 httpd]# uname -a
Linux Proxy1 2.6.18-128.el5 #1 SMP Wed Dec 17 11:42:39 EST 2008 i686 i686 i386 GNU/Linux
[root@Proxy1 httpd]# rpm -qa | grep httpd
httpd-manual-2.2.3-31.el5_4.2
system-config-httpd-1.3.3.3-1.el5
httpd-2.2.3-31.el5_4.2
httpd-devel-2.2.3-31.el5_4.2
this is my ssl.conf configuration:
LoadModule ssl_module modules/mod_ssl.so
LoadFile /usr/lib/libxml2.so
LoadModule proxy_html_module modules/mod_proxy_html.so
LoadModule xml2enc_module modules/mod_xml2enc.so
Listen 443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000)
SSLSessionCacheTimeout 300
SSLMutex default
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin
NameVirtualHost itsmtest:443
<VirtualHost itsmtest:443>
ServerName itsmtest
ErrorLog logs/ictitsm_ssl_error_log_443
TransferLog logs/ictitsm_ssl_access_log_443
LogLevel Debug
ProxyHTMLLogVerbose On
ProxyPreserveHost On
ProxyPass / https://10.10.0.1:8443/
ProxyHTMLURLMap https://itsmtest/ /
ProxyRequests off
SetEnv force-proxy-request-1.0 1
SetEnv proxy-nokeepalive 1
SetEnv proxy-initial-not-pooled 1
timeout 900
<Location />
ProxyPassReverse https://itsmtest/
ProxyHTMLEnable On
ProxyHTMLMeta On
ProxyHTMLURLMap / /
RequestHeader unset Accept-Encoding
</Location>
SSLEngine on
SSLProxyEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLCertificateFile /etc/httpd/cert/proxy_coll_new.crt
SSLCertificateKeyFile /etc/httpd/cert/proxy_coll_new.key
SSLCertificateChainFile /etc/httpd/cert/GlobalCA.cer
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
SetEnv proxy-nokeepalive 1
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>