Aaron, thanks very much to you and Wayne for fixing this up. I have a
question that either of you may be able to help me with. I downloaded the
source for both Apache 1.3.17 and mod_ssl 2.8.0 and built them according to
instructions. Because I'm having trouble getting my builds to accept SSL
connections, I had previously installed OpenSA, which runs fine. So I used
the virtual host definition in OpenSA's httpd.conf to modify the one used in
the Apache+mod_ssl I built; I used the certificate files shipped with OpenSA
as well.
While http connections work fine, https connections get hung up after the
client connects. When I try to "apache -k shutdown", apache takes a long
time to exit. I compared the ssl/engine.log for OpenSA and for my build,
and they are EXACTLY the same until the client connects. I'll attach the
engine.log to the end of this message. I ran with ssl log set to debug, and
it didn't help at all. The fact that the trace is showing up in
ssl/engine.log I think means that the request is coming in on the right
port. Any ideas on what is causing this to hang? I think it is okay to use
the OpenSA certificate files - they are not burned into the Apache
executable at all. engine.log follows.
Guy Rouillier
[EMAIL PROTECTED]
Server: OpenSA/0.20 Apache/1.3.12, Interface: mod_ssl/2.6.2, Library:
OpenSSL/0.9.5
You are using mod_ssl under Win32. This combination is *NOT* officially
supported. Use it at your own risk!
Init: 1st startup round (still not detached)
Init: Initializing OpenSSL library
Init: Loading certificate & private key of SSL-aware server eurovan:443
Init: Seeding PRNG with 136 bytes of entropy
Init: Generating temporary RSA private keys (512/1024 bits)
Init: Configuring temporary DH parameters (512/1024 bits)
Init: Seeding PRNG with 136 bytes of entropy
Init: Configuring temporary RSA private keys (512/1024 bits)
Init: Configuring temporary DH parameters (512/1024 bits)
Init: Initializing (virtual) servers for SSL
Init: Configuring server eurovan:443 for SSL protocol
Init: (eurovan:443) RSA server certificate CommonName (CN)
`www.snakeoil.dom' does NOT match server name!?
Connection to child 0 established (server eurovan:443, client 64.47.92.46)
# OpenSA and my build the same up to here. My build stops here, OpenSA
continues below.
Seeding PRNG with 1160 bytes of entropy
Connection: Client IP: 64.47.92.46, Protocol: TLSv1, Cipher: EXP-RC4-MD5
(40/128 bits)
Connection to child 0 closed with standard shutdown (server eurovan:443,
client 64.47.92.46)
Connection to child 1 established (server eurovan:443, client 64.47.92.46)
Seeding PRNG with 1160 bytes of entropy
Connection: Client IP: 64.47.92.46, Protocol: TLSv1, Cipher: EXP-RC4-MD5
(40/128 bits)
Initial (No.1) HTTPS request received for child 1 (server eurovan:443)
Connection to child 1 closed with unclean shutdown (server eurovan:443,
client 64.47.92.46)
Connection to child 2 established (server eurovan:443, client 64.47.92.46)
Seeding PRNG with 1160 bytes of entropy
Connection: Client IP: 64.47.92.46, Protocol: TLSv1, Cipher: EXP-RC4-MD5
(40/128 bits)
Initial (No.1) HTTPS request received for child 2 (server eurovan:443)
Connection to child 2 closed with unclean shutdown (server eurovan:443,
client 64.47.92.46)
Hello,
I had made a fixed configure.bat for mod_ssl-2.8.0
for win32 build. Here it is,
http://www.modssl.org/contrib/mod_ssl-2.8.0-win32fix.zip
Unzip it and replace the orignal files.
Have a nice day!
Aaron.
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]