I'm seeing the exact same problem, however I have ServerSessionCache set to true. I'm
using
nsopenssl 2.1. What could the problem be?
This is the nsopenssl part of my aolserver config file:
-----
ns_section "ns/server/${servername}/module/nsopenssl"
ns_param ServerPort ${httpsport}
ns_param ServerHostname ${hostname}
ns_param ServerAddress ${address}
ns_param ServerCertFile ${sslcertificate}
ns_param ServerKeyFile ${sslkey}
ns_param ServerProtocols All
ns_param ServerCipherSuite
"ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL"
ns_param ServerSessionCache true
ns_param ServerSessionCacheID 1
ns_param ServerSessionCacheSize 512
ns_param ServerSessionCacheTimeout 300
ns_param ServerPeerVerify false
ns_param ServerPeerVerifyDepth 3
ns_param ServerCADir ${sslcadir}
ns_param ServerCAFile ${sslcafile}
ns_param ServerTrace false
ns_param SockServerCertFile ${sslcertificate}
ns_param SockServerKeyFile ${sslkey}
ns_param SockServerProtocols All
ns_param SockServerCipherSuite
"ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL"
ns_param SockServerSessionCache true
ns_param SockServerSessionCacheID 2
ns_param SockServerSessionCacheSize 512
ns_param SockServerSessionCacheTimeout 300
ns_param SockServerPeerVerify true
ns_param SockServerPeerVerifyDepth 3
ns_param SockServerCADir ${sslinternalcadir}
ns_param SockServerCAFile ${sslinternalcafile}
ns_param SockServerTrace false
ns_param SockClientCertFile ${sslclientcertificate}
ns_param SockClientKeyFile ${sslclientkey}
ns_param SockClientProtocols All
ns_param SockClientCipherSuite
"ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL"
ns_param SockClientSessionCache true
ns_param SockClientSessionCacheID 3
ns_param SockClientSessionCacheSize 512
ns_param SockClientSessionCacheTimeout 300
ns_param SockClientPeerVerify true
ns_param SockClientPeerVerifyDepth 3
ns_param SockClientCADir ${sslservercadir}
ns_param SockClientCAFile ${sslservercafile}
ns_param SockClientTrace false
ns_param RandomFile /dev/urandom
ns_param SeedBytes 1024
----
Thanks,
-Oscar
On Mon, Mar 10, 2003 at 11:42:36PM -0600, Scott Goodwin wrote:
> Turn it on, always, always, always have session caching on, or SSL to
> certain MSIE browser versions will fail in the way you're seeing. I've
> just updated the nsopenssl config examples at my site to reflect this.
>
> nsopenssl 3.0 will have session caching turned on by default, so that
> if you want it turned off you'll have to explicitly do so.
>
>
> /s.
>
>
>
> On Monday, March 10, 2003, at 11:32 PM, William Scott Jordan wrote:
>
> > ServerSessionCache is set to false.
> >
> > Scott
> >
> > At 11:12 PM 3/10/2003 -0600, you wrote:
> >> Do you have session caching turned on?
> >>
> >> /s.
> >>
> >> On Monday, March 10, 2003, at 11:00 PM, William Scott Jordan wrote:
> >>
> >>> I'm running AOLServer 3.4 with OpenSSL 0.9.6 and nsopenssl 2.2b4 on
> >>> Redhat
> >>> 7.0 and I'm getting this error quite a bit:
> >>>
> >>>
> >>> Error: nsopenssl: EOF during SSL handshake
> >>>
> >>>
> >>> I have no idea what's causing it and I can't recreate it. When it
> >>> happens,
> >>> it gives the end user a "Server Error" message. Reloading the same
> >>> page
> >>> never causes the problem a second time. I really don't even know
> >>> whether
> >>> it's a problem with AOLServer, a configuration issue, or a problem
> >>> with
> >>> OpenSSL.
> >>>
> >>> Has anybody seen this before or have any idea of how to correct it?
> >>> Any
> >>> advice would be appreciated.
> >>>
> >>> Scott
> >>>
> >>>
> >>>
> >>> I. To remove yourself from this list:
> >>>
> >>> Send a message to "[EMAIL PROTECTED]" with the following
> >>> text
> >>> in
> >>> the BODY of your message:
> >>>
> >>> signoff aolserver
> >>>
> >>> II. For a complete list of listserv options please visit:
> >>>
> >>> http://listserv.aol.com/
> >>>
> >>> III. For more AOLserver information please visit:
> >>>
> >>> http://www.aolserver.com/
> >>
> >>
> >>
> >> I. To remove yourself from this list:
> >>
> >> Send a message to "[EMAIL PROTECTED]" with the following
> >> text in
> >> the BODY of your message:
> >>
> >> signoff aolserver
> >>
> >> II. For a complete list of listserv options please visit:
> >>
> >> http://listserv.aol.com/
> >>
> >> III. For more AOLserver information please visit:
> >>
> >> http://www.aolserver.com/
> >
> >
> >
> > I. To remove yourself from this list:
> >
> > Send a message to "[EMAIL PROTECTED]" with the following text
> > in
> > the BODY of your message:
> >
> > signoff aolserver
> >
> > II. For a complete list of listserv options please visit:
> >
> > http://listserv.aol.com/
> >
> > III. For more AOLserver information please visit:
> >
> > http://www.aolserver.com/
>
>
>
> I. To remove yourself from this list:
>
> Send a message to "[EMAIL PROTECTED]" with the following text in
> the BODY of your message:
>
> signoff aolserver
>
> II. For a complete list of listserv options please visit:
>
> http://listserv.aol.com/
>
> III. For more AOLserver information please visit:
>
> http://www.aolserver.com/
I. To remove yourself from this list:
Send a message to "[EMAIL PROTECTED]" with the following text in
the BODY of your message:
signoff aolserver
II. For a complete list of listserv options please visit:
http://listserv.aol.com/
III. For more AOLserver information please visit:
http://www.aolserver.com/
