Hi,
We use ssldump http://www.rtfm.com/ssldump/ to do that sort of
thing. Though you may need to disable some of the cipher suites (found
that diffie-hellman doesn't work).
~Jet
-----Original Message-----
From: Ian Lord [mailto:[EMAIL PROTECTED]
Sent: Wednesday, June 18, 2008 10:48 AM
To: [email protected]
Subject: [EMAIL PROTECTED] Packet debugging when using mod_ssl
Hi,
I am dealing with a connexion problem from a custom web browser.
For some reason, one particular user from the custom web browser is
getting
an error 400 (Bad Request) from Apache on a specific page requested by
POST.
I've did a lot of research and can't find what's wrong... I would like
to
see the actual packets for the request to see what's in there to try to
diagnose the product further... The problem is that the connexion is ssl
encrypted with mod_SSL...
A packet analyser gave me the encrypted content so I am not able to
analyse
it.
I found out about mod_log_forensic which dump the request to log file,
but I
am not sure if I can trust the results. Log forensic shows a get request
instead of a post and it's very basic
"
+212e:485861ea:0|GET /
-212e:485861ea:0
"
In there, I expect to see a post, not a get, the host, the referrer, the
"Accept", etc but I see only this...
That's why I presume that the request is so bad apache doesn't log it
correctly using mod_log_forensic...
Is there a way to actually "dump" the content of the request after being
decrypted by mod_ssl but before it is analysed for processing ?
Or can anyone suggest me a way to debug this further ?
Thanks in advance
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
----------
Learn more about Chase Paymentech Solutions,LLC payment processing services at
www.chasepaymentech.com.
THIS MESSAGE IS CONFIDENTIAL. This e-mail message and any attachments are
proprietary and confidential information intended only for the use of the
recipient(s) named above. If you are not the intended recipient, you may not
print, distribute, or copy this message or any attachments. If you have
received this communication in error, please notify the sender by return e-mail
and delete this message and any attachments from your computer.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
