[NCLUG] Apache/mod_ssl question
Steve Chadsey
tyr at teiresias.net
Mon Mar 15 17:07:50 MST 2004
On Mon, Mar 15, 2004 at 04:26:52PM -0700, Rich Young wrote:
> Thanks for replying, Steve.
>
> > Can you verify that the
> > SSL traffic is hitting your server on the correct port? The
> > fact that you aren't getting anything in your ssl logs
> > indicates that the SSL connections may be hitting your HTTP
> > port and not your HTTPS one.
>
> No, I'm pretty sure traffic is getting through to 443 -- the openssl
> connection indicates that the problem occurs at GET_SERVER_HELLO:
> SSL_connect:error in SSLv2/v3 read server hello A
> 29706:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown
> protocol:s23_clnt.c:475:
I forgot to mention the '-debug' flag to the s_client command.
That will give you some more diagnostics.
Also, 'apachectl configtest' can help sort out any problems with the
Apache configuration file.
> tonight to try to ferret out the problem. I also have a consultant
> looking at the problem, though he hasn't suffered any flashes of insight
> yet. We'll see....
Good luck, and let us know what the resolution was.
--
Steve Chadsey <tyr at teiresias.net>
More information about the NCLUG
mailing list