SSL handshaking problems
am 25.01.2004 11:00:40 von Tony ArcieriHello, I'm running Apache from within a FreeBSD 5.2-RELEASE jail in the
following configuration:
Apache/2.0.48 DAV/2 SVN/0.35.1 PHP/4.3.4 mod_ssl/2.0.48 OpenSSL/0.9.7c
OpenSSL and Apache were both built out of ports using libkse threading.
The APR was configured with db4 support which is required for the
Subversion module.
I have tried many different ssl.conf configurations and generating keys in
many different ways, all of which have the same results.
Apache is listening on port 443, but the handshaking process fails. Here
is the output from an attempted openssl connection:
% openssl s_client -connect localhost:443 -state -debug
CONNECTED(00000003)
SSL_connect:before/connect initialization
write to 080A8280 [080BC000] (148 bytes => 148 (0x94))
0000 - 80 92 01 03 01 00 69 00-00 00 20 00 00 39 00 00 ......i... ..9..
0010 - 38 00 00 35 00 00 16 00-00 13 00 00 0a 07 00 c0 8..5............
0020 - 00 00 33 00 00 32 00 00-2f 00 00 07 05 00 80 03 ..3..2../.......
0030 - 00 80 00 00 66 00 00 05-00 00 04 01 00 80 08 00 ....f...........
0040 - 80 00 00 63 00 00 62 00-00 61 00 00 15 00 00 12 ...c..b..a......
0050 - 00 00 09 06 00 40 00 00-65 00 00 64 00 00 60 00 .....@..e..d..`.
0060 - 00 14 00 00 11 00 00 08-00 00 06 04 00 80 00 00 ................
0070 - 03 02 00 80 2c d3 fc 74-50 10 30 3b 14 ee 61 ad ....,..tP.0;..a.
0080 - 33 15 f6 93 19 fe 6e 97-37 5b a2 02 b9 da a5 53 3.....n.7[.....S
0090 - 15 42 25 0c .B%.
SSL_connect:SSLv2/v3 write client hello A
read from 080A8280 [080C2000] (7 bytes => 0 (0x0))
18475:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake
failure:s23_lib.c:226:
Any ideas?
Tony Arcieri
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org