This is on Gentoo. I'm not sure if they have patched these things
* apache-2.2.9
* openssl-0.9.8h
I'm having a problem using TLS with firefox3 clients. The client
reports an SSL problem. I've done a pcap in wireshark. The client
sends "Client Hello" with TLS 1.0. The server responds with a TLSv1
alert message that is
Level: Fatal(2)
Description: Access Denied(49)
The apache logs say:
[Mon Jun 30 12:39:47 2008] [info] Initial (No.1) HTTPS request received
for child 1 (server projects.optaros.com:443)
[Mon Jun 30 12:39:47 2008] [debug] mod_headers.c(711): headers:
ap_headers_output_filter()
[Mon Jun 30 12:39:47 2008] [debug] mod_headers.c(711): headers:
ap_headers_output_filter()
[Mon Jun 30 12:39:47 2008] [debug] mod_headers.c(711): headers:
ap_headers_output_filter()
[Mon Jun 30 12:39:48 2008] [debug] ssl_engine_io.c(1828): OpenSSL: I/O
error, 5 bytes expected to read on BIO#84ca028 [mem: 8963c38]
[Mon Jun 30 12:39:48 2008] [info] [client 64.251.112.40] (70007)The
timeout specified has expired: SSL input filter read failed.
[Mon Jun 30 12:39:48 2008] [debug] ssl_engine_kernel.c(1770): OpenSSL:
Write: SSL negotiation finished successfully
[Mon Jun 30 12:39:48 2008] [info] [client 64.251.112.40] Connection
closed to child 192 with standard shutdown (server projects.optaros.com:443)
[Mon Jun 30 12:39:49 2008] [debug] ssl_engine_io.c(1817): OpenSSL: read
5/5 bytes from BIO#84ca028 [mem: 8980d78] (BIO dump follows)
If I disable TLS in apache, everything works fine. Any ideas?
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
