Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

SSL Connection Failures

Posted on 2004-08-20
7
Medium Priority
?
391 Views
Last Modified: 2010-03-04
Apache 2.0.49

After restarting Apache today, I can't access any of my secure sites. I have 5 valid certs from Thawte that were working fine yesterday. I haven't made any changes to my ssl.conf. I checked the error logs, and it doesn't look like the browser is making any connection at all. Port 443 is open on the server. I can post conf file contents if necessary. Here are a couple of the failing sites:

https://secure.grayloon.com/
https://secure.escaladesports.com/
0
Comment
Question by:kernel-panic
  • 4
7 Comments
 

Author Comment

by:kernel-panic
ID: 11857172
I found an OpenSSL test on Google that produced the following error (which I don't know how to diagnose):

[GL-Xserve:~] root# openssl s_client -connect secure.grayloon.com:443 -state -debug
CONNECTED(00000003)
SSL_connect:before/connect initialization
write to 000F86C0 [00149000] (130 bytes => 130 (0x82))
0000 - 80 80 01 03 01 00 57 00-00 00 20 00 00 16 00 00   ......W... .....
0010 - 13 00 00 0a 07 00 c0 00-00 66 00 00 07 00 00 05   .........f......
0020 - 00 00 04 05 00 80 03 00-80 01 00 80 08 00 80 00   ................
0030 - 00 65 00 00 64 00 00 63-00 00 62 00 00 61 00 00   .e..d..c..b..a..
0040 - 60 00 00 15 00 00 12 00-00 09 06 00 40 00 00 14   `...........@...
0050 - 00 00 11 00 00 08 00 00-06 00 00 03 04 00 80 02   ................
0060 - 00 80 1b b1 a2 51 49 e7-df 12 6d 9c 07 1b fe 75   .....QI...m....u
0070 - 3c 27 a0 8d 41 0b 1f f0-95 0b 2b 17 ef 86 2b 81   <'..A.....+...+.
0080 - 63 7a                                             cz
SSL_connect:SSLv2/v3 write client hello A
read from 000F86C0 [0014F000] (7 bytes => 7 (0x7))
0000 - 00 01 08 03 ff ff fc                              .......
SSL_connect:error in SSLv2/v3 read server hello A
23501:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:470:
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 11858399
check with folloing which ciphers are availanle:

openssl ciphers
0
 

Author Comment

by:kernel-panic
ID: 11858776
[GL-Xserve:~] root# openssl ciphers
EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:DES-CBC3-MD5:DHE-DSS-RC4-SHA:IDEA-CBC-SHA:RC4-SHA:RC4-MD5:IDEA-CBC-MD5:RC2-CBC-MD5:RC4-MD5:RC4-64-MD5:EXP1024-DHE-DSS-RC4-SHA:EXP1024-RC4-SHA:EXP1024-DHE-DSS-DES-CBC-SHA:EXP1024-DES-CBC-SHA:EXP1024-RC2-CBC-MD5:EXP1024-RC4-MD5:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:DES-CBC-MD5:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC4-MD5:EXP-RC2-CBC-MD5:EXP-RC4-MD5
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:kernel-panic
ID: 11864924
I've upped the points because I'm losing business, and I desperately need some help...
0
 

Author Comment

by:kernel-panic
ID: 11864971
After restarting the entire server, everything seems to be up and running. No additional action needed.
0
 

Accepted Solution

by:
CetusMOD earned 0 total points
ID: 11917093
Closed, 500 points refunded.
CetusMOD
Community Support Moderator
0

Featured Post

Ask an Anonymous Question!

Don't feel intimidated by what you don't know. Ask your question anonymously. It's easy! Learn more and upgrade.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are running a LAMP infrastructure, this little code snippet is very helpful if you are serving lots of HTML, JavaScript and CSS-related information. The mod_deflate module, which is part of the Apache 2.2 application, provides the DEFLATE…
If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
Are you ready to place your question in front of subject-matter experts for more timely responses? With the release of Priority Question, Premium Members, Team Accounts and Qualified Experts can now identify the emergent level of their issue, signal…
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …
Suggested Courses
Course of the Month10 days, 23 hours left to enroll

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question