[CLUE-Tech] apache & ssl problem

Randy Arabie rrarabie at home.com
Sun Oct 28 16:28:42 MST 2001


Hi all,

I've got a Red Hat 7.1 system running apache-1.3.19-5.
This is a default Apache install, standalone configuration, 
with SSL running on port 443 as a virtual host.

I can connect to my standard port 80, but can't connect to 
the SSL port 443.

I can't seem to find relevant error messages to resolve 
the issue.

An attempted lynx connection reports:

	Looking up 192.168.1.200
	Making HTTPS connection to 192.168.1.200
	Retrying connection.
	Looking up 192.168.1.200
	Making HTTPS connection to 192.168.1.200
	Alert!: Unable to make secure connection to remote host.

	lynx: Can't access startfile https://192.168.1.200/

An attempted IE 5.x connection results in the standard 
"Cannot find server or DNS Error" message.

An attempted telnet connection to port 443 shows that httpd is 
running on port 443:

	Trying 192.168.1.200...
	Connected to 192.168.1.200.
	Escape character is '^]'.
	sald
	<html>
	<head>
        <title>Voldemort Login</title>
	</head>
	<body>
        <form action="index.html" method="POST">
        <h1 align="center">Welcome to Voldemort</h1>
        <H2 ALIGN="CENTER">
        <FONT COLOR="#FF0000" SIZE="6" FACE="ARIAL">
        <U>W A R N I N G !</U>
        </FONT>
        </H2>

        <p><b>You are attempting to access a private web site protected by an intrusion 
        detection system.  Access to and use of this facility requires explicit, current 
        authorization and is strictly limited.</b></p>

        <p><b>Unauthorized, or any attempt at unauthorized access, usage, copying, alteration,
        destruction, or damage to its data, programs or equipment may violate the Federal 
        Computer Fraud and Abuse Act of 1986 as well as applicable state law and/or civil 
        liability.</b></p>

        <p><b>With the before mentioned understood, should you proceed further, you may subject 
        yourself to investigation that could lead to prosecution should you not have 
        authorization or violate any of these restrictions.</b></p>

        <h3>Please Login</h3>
        User Name: <input type="text" name="user_name">
        <br>Password: <input type="password" name="password">
        <input type="submit" name="submit" value="Login!">
        </form>
        </body>
	</html>
	Connection closed by foreign host.

These failed connections do not show up in any of my 
/var/log/httpd logfiles.  My ssl_request_log files are empty.

I've pasted in the virtualhost section of my httpd.conf file below:
(comments excluded)

<***----------------SNIP----------------***>

<VirtualHost 192.168.1.200:443>

DocumentRoot "/var/www/html"

SSLEngine on

SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt

SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key

SSLCACertificatePath /etc/httpd/conf/ssl.crt

SSLCARevocationPath /etc/httpd/conf/ssl.crl

SSLVerifyClient require

SSLVerifyDepth  10

<Files ~ "\.(cgi|shtml)$">
    SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>

SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown

CustomLog /var/log/httpd/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>

</IfDefine>

<***----------------SNIP----------------***>

Does anyone see something there that may help me out?

Thanks in advance.

------- 

Cheers!

Randy Arabie



