[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] Page Cannot Be displayed Error

Subject: RE: [cobalt-users] Page Cannot Be displayed Error
From: "Jim Carey" <ozbcoz@xxxxxxxxxxxxxxxx>
Date: Sat Mar 31 08:20:02 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

> >
> <SNIP>
> I have the same sort of a problem, except it does not always fail
> the first
> time, but does often enough to be a nuisance.
> Gerald
>


I found that issue and this posting on the list certainly cured it for me:

Hello,

There's been an ongoing thread over the last year WRT intermittent problems
that people see with SSL on the RaQ3's and Microsoft Internet Explorer.

I've been looking into this issue for this time off and on and have finally
(finally!) found a solution.

The Problem
===========
Many people using CGI scripts running through the SSL server have found
weird unrelated errors appearing when using MSIE (not Netscape or Opera
BTW), like:
I/O Errors
Insecure Item Errors
DNS Errors

The Real Problem
================
<sarcasm>Surprisingly</sarcasm>, MS IE has many small smelly bugs in it in
areas that the other browsers mentioned do not.

After much hacking, testing, scripting, tears and tantrums, (and internet
searching), I finally found a technical reference and workaround for the
problem at:
http://www.modssl.org/docs/2.6/ssl_faq.html#io-ie

The Solution
============
Using the information from the article above, if you have users experiencing
this problem (we do with different CGI scripts running through SSL), here's
the modification we made:

Change the following block of code in /etc/httpd/httpd.conf (large chunk to
help find it)

from:

                $PerlConfig .= "Listen $ip:443\n";
                $PerlConfig .= "<VirtualHost $ip:443>\n";
                $PerlConfig .= "SSLengine on\n";
                $PerlConfig .= "SSLCertificateFile
/home/sites/$group/certs/certificate\n";
                $PerlConfig .= "SSLCertificateKeyFile
/home/sites/$group/certs/key\n";
                $PerlConfig .= join('', @ssl_conf);

to:

                $PerlConfig .= "Listen $ip:443\n";
                $PerlConfig .= "<VirtualHost $ip:443>\n";
                $PerlConfig .= "SetEnvIf User-Agent \".*MSIE.*\" \\n";
                $PerlConfig .= "        nokeepalive ssl-unclean-shutdown
\\n";
                $PerlConfig .= "        downgrade-1.0 force-response-1.0\n";
                $PerlConfig .= "SSLengine on\n";
                $PerlConfig .= "SSLCertificateFile
/home/sites/$group/certs/certificate\n";
                $PerlConfig .= "SSLCertificateKeyFile
/home/sites/$group/certs/key\n";
                $PerlConfig .= join('', @ssl_conf);

Restart Apache.

Conclusion
==========
Since doing this we have had NO reports of problems (e.g. one of our
customers was having continuous problems with a CGI scripting running
through SSL and using MSIE and now he's a happy chappy).

I don't know if it would be wise to ask Cobalt to implement this workaround
into the base code since it is catering for a bug in MSIE. But since MSIE
usage these days is around 75% of all web users, maybe they could?

Regards,
Jonathan Michaelson

Way to the Web Ltd
Commercial CGI Scripting, Web Hosting
http://www.waytotheweb.com

Jim Carey
www.OZbcoz.com discount domain registration
www.iluvoz.com affordable hosting services

Follow-Ups:
- Re: [cobalt-users] Page Cannot Be displayed Error
  - From: Gerald Waugh

References:
- Re: [cobalt-users] Page Cannot Be displayed Error
  - From: Gerald Waugh

Prev by Date: [cobalt-users] RaQ2's and CGI
Next by Date: [cobalt-users] Script to add secondary DNS? Xposted on Developers and Users.
Previous by thread: Re: [cobalt-users] Page Cannot Be displayed Error
Next by thread: Re: [cobalt-users] Page Cannot Be displayed Error

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index