[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] RaQ4 SSL Problems has anyone got a working one ???


HI,

An SSL Problem to sink ya teeth into,
I have a RaQ4 which refuse's to serve https pages. The main siteadmin isnt secure and I have to us the url http://1.2.3.5:81/.cobalt/sysManage/index.html for server 
administration.
There is 1 virtual site serving https request's which has also stopped working suddenly. 

------------------------""------------------------------

Apache  Version 1.3.20   RaQ4_1C4stackguard
OpenSSl Version 0.9.6b

/etc/rc.d/init.d/admserv status

reads :  ahttpd dead but subsys locked

If I start and stop the service I get the same result.
I then stopped the service removed the locked the file, killed any left over admserv's and restarted again, 
with the same result.

-----------------------""-------------------------------

openssl reads

on both port 81 and 443

(openssl s_client -connect 1.2.3.4:443 -state -debug)

[root init.d]# openssl s_client -connect 1.2.3.4:443 -state -debug
connect: Connection refused
connect:errno=111

(openssl s_client -connect 1.2.3.4:81 -state -debug)

[root init.d]# openssl s_client -connect 1.2.3.4:81 -state -debug
CONNECTED(00000003)
SSL_connect:before/connect initialization
write to 08151F88 [081525C0] (124 bytes => 124 (0x7C))
0000 - 80 7a 01 03 01 00 51 00-00 00 20 00 00 16 00 00   .z....Q... .....
0010 - 13 00 00 0a 07 00 c0 00-00 66 00 00 05 00 00 04   .........f......
0020 - 03 00 80 01 00 80 08 00-80 00 00 65 00 00 64 00   ...........e..d.
0030 - 00 63 00 00 62 00 00 61-00 00 60 00 00 15 00 00   .c..b..a..`.....
0040 - 12 00 00 09 06 00 40 00-00 14 00 00 11 00 00 08   ......@.........
0050 - 00 00 06 00 00 03 04 00-80 02 00 80 b8 0b eb d1   ................
0060 - ef 75 21 a7 3f 3c d5 40-72 07 29 1b c1 69 70 e6   .u!.?<.@r.)..ip.
0070 - 4a d2 42 8d 93 62 60 f5-6f 4a 0c f7               J.B..b`.oJ..
SSL_connect:SSLv2/v3 write client hello A
read from 08151F88 [08157B20] (7 bytes => 7 (0x7))
0000 - 3c 21 44 4f 43 54 59                              <!DOCTY
SSL_connect:error in SSLv2/v3 read server hello A
8385:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:460:
This through's up errors about the main site certificate not being present, I recreated this and 
ticked enable SSL on the main siteadmin panel.

Hoorah https://1.2.3.4:81/.cobalt/sysManage/index.html WORKED !!
However now nobody else can get there site admin at https://1.2.3.4:81/.cobalt/sysManage/www.virtualdomain.com 

This box was inheirated, with 300+ customers etc .... and no working SSL
The main apache conf file was heavily croupted which I have re write using another RAQ4's httpd.conf as a basis,
Personal I think this has something to do with the perl scripts that are run by apache to sort the 
virtual hosting info out, i could be wrong.

Any further suggestions and help would be welcome



Mark



_________________________________________________________________
MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*. http://join.msn.com/?page=features/virus