[CLUE-Tech] apache & ssl problem
Randy Arabie
rrarabie at home.com
Sun Oct 28 16:28:42 MST 2001
Hi all,
I've got a redhat 7.1 system running apache-1.3.19-5.
This is a default apache install, standalone configuration,
with ssl running on port 443 as a virtual host.
I can connect to my standard port 80, but can't to
the ssl port 443.
I can't seem to find relevant error messages to resolve
the issue.
An attempted lynx connection reports:
Looking up 192.168.1.200
Making HTTPS connection to 192.168.1.200
Retrying connection.
Looking up 192.168.1.200
Making HTTPS connection to 192.168.1.200
Alert!: Unable to make secure connection to remote host.
lynx: Can't access startfile https://192.168.1.200/
An attempted IE 5.x connection results in the standard
"Cannot find server or DNS Error" message.
An attempted telnet connection to port 443 shows that httpd is
running on port 443:
Trying 192.168.1.200...
Connected to 192.168.1.200.
Escape character is '^]'.
sald
<html>
<head>
<title>Voldemort Login</title>
</head>
<body>
<form action="index.html" method="POST">
<h1 align="center">Welcome to Voldemort</h1>
<H2 ALIGN="CENTER">
<FONT COLOR="#FF0000" SIZE="6" FACE="ARIAL">
<U>W A R N I N G !</U>
</FONT>
</H2>
<p><b>You are attempting to access a private web site protected by an intrusion
detection system. Access to and use of this facility requires explicit, current
authorization and is strictly limited.</b></p>
<p><b>Unauthorized, or any attempt at unauthorized access, usage, copying, alteration,
destruction, or damage to its data, programs or equipment may violate the Federal
Computer Fraud and Abuse Act of 1986 as well as applicable state law and/or civil
liability.</b></p>
<p><b>With the before mentioned understood, should you proceed further, you may subject
yourself to investigation that could lead to prosecution should you not have
authorization or violate any of these restrictions.</b></p>
<h3>Please Login</h3>
User Name: <input type="text" name="user_name">
<br>Password: <input type="password" name="password">
<input type="submit" name="submit" value="Login!">
</form>
</body>
</html>
Connection closed by foreign host.
These failed connections do not show up in any of my
/var/log/httpd logfiles. My ssl_request_log files are empty.
I've pasted in the virtualhost section of my httpd.conf file below:
(comments excluded)
<***----------------SNIP----------------***>
<VirtualHost 192.168.1.200:443>
DocumentRoot "/var/www/html"
SSLEngine on
SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
SSLCACertificatePath /etc/httpd/conf/ssl.crt
SSLCARevocationPath /etc/httpd/conf/ssl.crl
SSLVerifyClient require
SSLVerifyDepth 10
<Files ~ "\.(cgi|shtml)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
CustomLog /var/log/httpd/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
</IfDefine>
<***----------------SNIP----------------***>
Does anyone see something there that may help me out?
Thanks in advance.
-------
Cheers!
Randy Arabie
More information about the clue-tech
mailing list