[linux] apache a mod_ssl
Jan Skonc
skonc_jan na vse.sk
Pátek Listopad 7 10:28:19 CET 2003
Zdravim vsetkych:-)
Vie mi niekto poradit?
Mam problem s rozbehanim mod_ssl(2.8) pod apachom (1.3) v error logu mam
tuto hlasku:
[error] [client 192.168.23.100] Invalid method in request
\x80L\x01\x03
v httpd.conf mam toto:
LoadModule ssl_module /usr/lib/apache/1.3/mod_ssl.so
a potom:
### Section 3: Virtual Hosts
#
<IfDefine SSL>
#AddType application/x-x509-ca-cert .crt
#AddType application/x-pkcs7-crl .crl
Listen 443
Listen 80
</IfDefine>
<IfModule mod_ssl.c>
SSLPassPhraseDialog builtin
SSLSessionCache dbm:/var/run/ssl_scache
SSLSessionCacheTimeout 300
SSLMutex file:/var/run/ssl_mutex
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLLog /var/log/apache/ssl_engine_log
#SSLLogLevel warn
</IfModule>
<IfDefine SSL>
<VirtualHost 192.168.22.210:443>
SSLEngine on
SSLCipherSuite
ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
DocumentRoot "/var/www/test"
ServerName test1.inet.vse.sk
ErrorLog /var/log/apache/error.log
SSLCertificateFile /etc/apache/ssl.crt/server.crt
SSLCertificateKeyFile /etc/apache/ssl.key/server.key
#SSLCACertificatePath /etc/ssl/certs
#SSLCACertificateFile /etc/ssl/certs/ca.crt
#SSLCARevocationPath /etc/ssl/crl
SSLVerifyClient none
SSLVerifyDepth 10
#SSLOptions +ExportCertData +StrictRequire
#SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
#SetEnvIf Request_URI \.gif$ gif-image
#CustomLog /var/log/apache/ssl_request.log \
#"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
env=!gif-image
</VirtualHost>
</IfDefine>
ked som dal:
/usr/bin/openssl s_client -connect localhost:443 -state -debug
skapalo to nasledujuco:
CONNECTED(00000003)
SSL_connect:before/connect initialization
write to 0809A1D0 [0809A218] (124 bytes => 124 (0x7C))
0000 - 80 7a 01 03 01 00 51 00-00 00 20 00 00 16 00 00 .z....Q...
.....
0010 - 13 00 00 0a 07 00 c0 00-00 66 00 00 05 00 00 04
.........f......
0020 - 03 00 80 01 00 80 08 00-80 00 00 65 00 00 64 00
...........e..d.
0030 - 00 63 00 00 62 00 00 61-00 00 60 00 00 15 00 00
.c..b..a..`.....
0040 - 12 00 00 09 06 00 40 00-00 14 00 00 11 00 00 08
...... na .........
0050 - 00 00 06 00 00 03 04 00-80 02 00 80 06 7c e5 9f
.............|..
0060 - b9 f5 41 08 8a fc 85 7e-b7 e5 2a 25 99 48 26 1e
..A....~..*%.H&.
0070 - c0 4c 04 79 8e c5 c6 15-6c 09 af 57
.L.y....l..W
SSL_connect:SSLv2/v3 write client hello A
read from 0809A1D0 [0809F778] (7 bytes => 7 (0x7))
0000 - 3c 21 44 4f 43 54 59 <!DOCTY
SSL_connect:error in SSLv2/v3 read server hello A
2285:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown
protocol:s23_clnt.c:460:
test1:/var/log/apache#
Vie mi niekto poradit?
Vopred
V E L K E D I K.
Bzuco
Další informace o konferenci linux