Sorry, after sending the previous (desperate) message, I decided to try one last time, and managed to figure it out. It appears to be a problem with mod_ssl. The bug seems to have been introduced in 2.8.13, because compiling mod_ssl-2.8.12 worked, but nothing starting with 2.8.13 did.
>>> [EMAIL PROTECTED] 07/08/03 12:23PM >>> I'm trying to compile the most recent Apache 1.3.27, mod_ssl-2.8.14-1.3.27 and openssl-0.9.7b on win32. I've successfully compiled it on my Windows 2000 Professional SP4 workstation with Microsoft Visual Studio 6.0 Service Pack 5. And when I run the newly-compiled Apache on the same workstation with default SSL configuration and a self-signed certificated, it works fine (I've tried IE5.5 from the same machine and from other machines). However, when I move the same just-compiled Apache installation to a Windows 2000 Server SP4 box, run it and try to access it from IE5.5 I get the following errors: [08/Jul/2003 11:55:39 03192] [info] Connection to child 5 established (server xxx, client xxx) [08/Jul/2003 11:55:39 03192] [info] Seeding PRNG with 1160 bytes of entropy [08/Jul/2003 11:55:39 03192] [info] Initial (No.1) HTTPS request received for child 5 (server xxx) [08/Jul/2003 11:55:39 03192] [info] Connection to child 5 closed with unclean shutdown (server xxx, client xxx) [08/Jul/2003 11:55:39 03192] [info] Connection to child 6 established (server xxx, client xxx) [08/Jul/2003 11:55:39 03192] [info] Seeding PRNG with 1160 bytes of entropy [08/Jul/2003 11:55:39 03192] [info] Connection to child 7 established (server xxx, client xxx) [08/Jul/2003 11:55:39 03192] [info] Connection to child 8 established (server xxx, client xxx) [08/Jul/2003 11:55:39 03192] [info] Connection to child 9 established (server xxx, client xxx) [08/Jul/2003 11:55:39 03192] [info] Seeding PRNG with 1160 bytes of entropy [08/Jul/2003 11:55:39 03192] [info] Seeding PRNG with 1160 bytes of entropy [08/Jul/2003 11:55:39 03192] [info] Seeding PRNG with 1160 bytes of entropy [08/Jul/2003 11:55:39 03192] [info] Initial (No.1) HTTPS request received for child 6 (server xxx) [08/Jul/2003 11:55:39 03192] [error] SSL handshake failed (server xxx, client xxx) (OpenSSL library error follows) [08/Jul/2003 11:55:39 03192] [info] Connection to child 6 closed with unclean shutdown (server xxx, client xxx) [08/Jul/2003 11:55:39 03192] [error] OpenSSL: error:1408F455:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac I've looked all over the web for this and have found multiple referenced to the error and possible solutions (-SSLv3, IE workarounds in httpd.conf, etc), none of which fixed it. However, my situation seems to be unique in that the installation works on one box and doesn't on the other. I suspect that I may be doing something wrong in the compilation process (I'm following mod_ssl's INSTALL.Win32 compilation instructions). I'd like to avoid installing VS6 on the production server and having to compile all future versions of openssl/apache on it, so I would really appreciate any help that would allow me to compile apache/openssl on my W2K Pro workstation in such a way that I could then use the results on the server. Thanks. Max ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
