[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] Re: Page Cannot Be displayed Error - fixed!

Subject: [cobalt-users] Re: Page Cannot Be displayed Error - fixed!
From: "Ian D. Mead" <idm@xxxxxxxxxxx>
Date: Sat Mar 31 13:46:01 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

Jim (and others that replied),

Thank you for your help! The solution you provided below fixed the problemimmediately. It's strange that this had been working and suddenly stoppedbut I really appreciate the help.


Best wishes, Ian

> <SNIP>
> I have the same sort of a problem, except it does not always fail
> the first
> time, but does often enough to be a nuisance.
> Gerald
>


I found that issue and this posting on the list certainly cured it for me:

Hello,

There's been an ongoing thread over the last year WRT intermittent problems
that people see with SSL on the RaQ3's and Microsoft Internet Explorer.

I've been looking into this issue for this time off and on and have finally
(finally!) found a solution.

The Problem
===========
Many people using CGI scripts running through the SSL server have found
weird unrelated errors appearing when using MSIE (not Netscape or Opera
BTW), like:
I/O Errors
Insecure Item Errors
DNS Errors

The Real Problem
================
<sarcasm>Surprisingly</sarcasm>, MS IE has many small smelly bugs in it in
areas that the other browsers mentioned do not.

After much hacking, testing, scripting, tears and tantrums, (and internet
searching), I finally found a technical reference and workaround for the
problem at:
http://www.modssl.org/docs/2.6/ssl_faq.html#io-ie

The Solution
============
Using the information from the article above, if you have users experiencing
this problem (we do with different CGI scripts running through SSL), here's
the modification we made:

Change the following block of code in /etc/httpd/httpd.conf (large chunk to
help find it)

from:

                $PerlConfig .= "Listen $ip:443\n";
                $PerlConfig .= "<VirtualHost $ip:443>\n";
                $PerlConfig .= "SSLengine on\n";
                $PerlConfig .= "SSLCertificateFile
/home/sites/$group/certs/certificate\n";
                $PerlConfig .= "SSLCertificateKeyFile
/home/sites/$group/certs/key\n";
                $PerlConfig .= join('', @ssl_conf);

to:

                $PerlConfig .= "Listen $ip:443\n";
                $PerlConfig .= "<VirtualHost $ip:443>\n";
                $PerlConfig .= "SetEnvIf User-Agent \".*MSIE.*\" \\n";
                $PerlConfig .= "        nokeepalive ssl-unclean-shutdown
\\n";
                $PerlConfig .= "        downgrade-1.0 force-response-1.0\n";
                $PerlConfig .= "SSLengine on\n";
                $PerlConfig .= "SSLCertificateFile
/home/sites/$group/certs/certificate\n";
                $PerlConfig .= "SSLCertificateKeyFile
/home/sites/$group/certs/key\n";
                $PerlConfig .= join('', @ssl_conf);

Restart Apache.

...

Follow-Ups:
- [cobalt-users] Hey, We Probably Should Pay Attention
  - From: Dave Shugarts

Prev by Date: [cobalt-users] Email has host name (www) and Welcome page? for Raq XTR
Next by Date: Re: [cobalt-users] Stats not generating
Previous by thread: Re: [cobalt-users] Email has host name (www) and Welcome page? for Raq XTR
Next by thread: [cobalt-users] Hey, We Probably Should Pay Attention

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index