[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-developers] SSL & Page Not Found
- Subject: Re: [cobalt-developers] SSL & Page Not Found
- From: Taco Scargo - Sun Holland - Leiden <Taco.Scargo@xxxxxxx>
- Date: Wed May 30 18:05:23 2001
- List-id: Discussion Forum for developers on Cobalt Networks products <cobalt-developers.list.cobalt.com>
Hi Tobe,
> I've recently installed SSL on my RaQ3i. All seems to be working properly,
> except that occasionally, I get a 'Page Not Found' error. If I hit the
> reload or refresh or hit my back button and then try to re-access the page,
> it always comes up.
>
> Does anyone have any idea why it would do this and how to stop it? It
> makes it really frustrating when people are trying to order a product and
> this happens. (not to mention how it 'looks' in the eyes of a potential
> customer)
I have had the same problem, and apparently this problem occurs on certain releases of Microsoft Internet
Explorer only. I have never seen Netscape behave this way. Can you confirm this ?
What I did to correct this, is change the httpd.conf manually to disable HTTP/1.1 on Explorer SSL
connections and a few other things.
Look for a section that has a lot $PerlConfig .= lines in it.
Then add this to both sections:
$PerlConfig .= "SetEnvIf User-Agent \".*MSIE.*\" \\n";
$PerlConfig .= " nokeepalive ssl-unclean-shutdown\\n";
$PerlConfig .= " downgrade-1.0 force-response-1.0\n";
So the complete section looks like this:
while(<HTTPD_CONF>) {
if (/^<VirtualHost [\d\.]+>$/ ... /^<\/VirtualHost>$/) {
if ( /^<VirtualHost ([\d\.]+)>/o ) {
# New section. Clean up.
$ip = $1;
@ssl_conf = ();
$group = undef;
}
# Skip this bit, we don't need it now..
next if (/^<VirtualHost/);
# Just need to grab the group name out before we get on with
# the real work.
if ( /DocumentRoot \/home\/sites\/([^\/]+)\/web/ ){
$group = $1;
}
# These two are for the rewrite options
s/http/https/go if (/^Rewrite/);
s/80/443/go if (/^Rewrite/);
push @ssl_conf, $_;
# Hardcoded, issues with mod_perl and cobalt modules.
if (/^<\/Virtual/ and (-f "/etc/httpd/ssl/$group")) {
$ret = ssl_cert_check("/home/sites/$group/certs/");
if ($ret=~/^2/o) {
$PerlConfig .= "Listen $ip:443\n";
$PerlConfig .= "<VirtualHost $ip:443>\n";
####
$PerlConfig .= "SetEnvIf User-Agent \".*MSIE.*\" \\n";
$PerlConfig .= " nokeepalive ssl-unclean-shutdown\\n";
$PerlConfig .= " downgrade-1.0 force-response-1.0\n";
####
$PerlConfig .= "SSLengine on\n";
$PerlConfig .= "SSLCertificateFile /home/sites/$group/certs/certificate\n";
$PerlConfig .= "SSLCertificateKeyFile /home/sites/$group/certs/key\n";
$PerlConfig .= join('', @ssl_conf);
} elsif (ssl_cert_check("/home/sites/home/certs/") =~ /^2/ ) {
$PerlConfig .= "Listen $ip:443\n";
$PerlConfig .= "<VirtualHost $ip:443>\n";
####
$PerlConfig .= "SetEnvIf User-Agent \".*MSIE.*\" \\n";
$PerlConfig .= " nokeepalive ssl-unclean-shutdown\\n";
$PerlConfig .= " downgrade-1.0 force-response-1.0\n";
####
$PerlConfig .= "SSLengine on\n";
$PerlConfig .= "SSLCertificateFile /home/sites/home/certs/certificate\n";
$PerlConfig .= "SSLCertificateKeyFile /home/sites/home/certs/key\n";
$PerlConfig .= join('', @ssl_conf);
} else {
print STDERR "Site $group has invalid certificate: $ret\n";
}
}
}
}
close HTTPD_CONF;
With regards,
Taco Scargo
Professional Services Manager, EMEA
Sun Microsystems Tel. +31 (71) 565 7021
Sun Cobalt Server Appliances taco.scargo@xxxxxxx