The URL you would want to go to would be https://www.yourdomainname.com:4433
obviously you would replace yourdomainname.... PS... if you have a firewall in effect, you may have to open port 4433 to allow the connection to succeed. ----- Original Message ----- From: "Christopher Taranto" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, January 18, 2002 11:49 PM Subject: Re[3]: MSIE + "The page cannot be displayed" error > > I'm not really sure what to do or what exactly I am expecting using > s_server but here are the results from my server. > > ]# openssl s_server -accept 4443 -www \ > -cert /usr/local/apache/conf/ssl.crt/www.cert.crt \ > -key /usr/local/apache/conf/ssl.key/www.cert.key \ > -state > -debug > Using default temp DH parameters > ACCEPT > > it waits for input, but no matter what I enter it just hangs. I have > looked through the man page but I haven't found an example of how this is > used so I don't quite get it. What should I look for? > > >>To date, I haven't found a machine that is afflicted with the problem > that I can do this with :( > > What's your URL? I will look at your page and see if it works with my > broken MSIE browser. > > > At 10:51 AM 1/18/02 -0700, you wrote: > >Run this command line and try to connect to it. > >openssl s_server -accept 4443 -www -cert pathtocert -key pathtokey -state > > > >1) Make sure to change "pathtocert" and "pathtokey" to the appropriate > >values, and for additional debug info add -debug... > >2) Try to make sure you are using the same openssl that you compiled > >apache with > > > >It simply creates a weblike version of SSL on port 4433 WITHOUT apache > >that will print some debug info to the client.... feel free > >to "man s_server" to get info about the program > > > >At least this way, you will be able to find out if the problem is with > >SSL, or if it with (mod_ssl+apache) > > > >PS... please let me know as I am confronted with the EXACT problem you > >have, and have been for 3 years... even after a full Linux > >redhat upgrade to 7.2 (complete reformat, re-install) > > > >To date, I haven't found a machine that is afflicted with the problem that > >I can do this with :( > > > >----- Original Message ----- > >From: "Christopher Taranto" <[EMAIL PROTECTED]> > >To: <[EMAIL PROTECTED]> > >Sent: Thursday, January 17, 2002 11:10 PM > >Subject: RE: MSIE + "The page cannot be displayed" error > > > > > > > Hi, > > > > > > I have been trying to fix the known MSIE browser issues in my configuration > > > with some issues still occuring. > > > > > > I have read the FAQ, searched the archives, and implemented the solutions > > > that have been documented - but I am still getting the dreaded "The page > > > cannot be displayed" error when certain MSIE browsers attempt to connect to > > > my site. I get the infamous log entry: > > > > > > [Fri Jan 18 00:55:53 2002] [error] mod_ssl: SSL handshake interrupted by > > > system [Hint: Stop button pressed in browser?!] (System error follows) > > > [Fri Jan 18 00:55:53 2002] [error] System: Connection reset by peer > > > (errno: 104) > > > > > > Fortunately (for my sanity), I have one of non-working versions of the MSIE > > > browsers (5.00.2614.3500) on one of the machines in my office so I can > > > repeatedly create the errors. > > > > > > I am determined to squash this thing but I do not know where to go next. > > > > > > I have included the following information below: > > > > > > * SYSTEM INFORMATION > > > * CONFIGURATION INFORMATION > > > * BROWSER VERSION INFORMATION > > > * CERTIFICATE STATISTICS FROM THE BROWSER > > > > > > Any help or further direction would be greatly appreciated! > > > > > > Sincerely, > > > > > > Christopher Taranto > > > > > > > > > SYSTEM INFORMATION: > > > =================== > > > > > > I am running Red Hat 6.2 on a Pentinum III using: > > > > > > * mod_ssl-2.8.5-1.3.22 > > > * openssl-0.9.6b > > > * mm-1.1.3 > > > > > > > > > CONFIGURATION INFORMATION: > > > ========================== > > > > > > <IfModule mod_ssl.c> > > > > > > AddType application/x-x509-ca-cert .crt > > > AddType application/x-pkcs7-crl .crl > > > > > > SSLPassPhraseDialog builtin > > > > > > # I have also tried dbm but there was no difference > > > SSLSessionCache > > > shm:/usr/local/apache/logs/ssl_gcache_data(512000) > > > SSLSessionCacheTimeout 300 > > > > > > SSLMutex file:logs/ssl_mutex > > > > > > SSLRandomSeed startup builtin > > > SSLRandomSeed connect builtin > > > > > > SSLLog logs/ssl_engine_log > > > SSLLogLevel info > > > > > > </IfModule> > > > > > > <VirtualHost> > > > > > > <snip> > > > > > > SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP > > > > > > BrowserMatch "MSIE [1-4]" nokeepalive \ > > > ssl-unclean-shutdown \ > > > downgrade-1.0 \ > > > force-response-1.0 > > > > > > BrowserMatch "MSIE [5-9]" ssl-unclean-shutdown > > > > > > BrowserMatch "Mozilla/4..*PC)" nokeepalive \ > > > downgrade-1.0 \ > > > force-response-1.0 > > > > > > </snip> > > > > > > </VirtualHost> > > > > > > > > > BROWSER VERSION INFORMATION > > > =================================== > > > > > > MSIE 5.00.2614.3500 > > > Cipher Strength: 40-bit > > > > > > > > > CERTIFICATE STATS FROM THE BROWSER > > > =================================== > > > > > > My certificate was generated using 1024 bits. > > > > > > Version: V3 > > > Serial Number: 5A55 3FAD EB43 6649 7F8B 39BB 1D33 6DE1 > > > Signature Algorithm: md5RSA > > > Public Key: 3081 8902 8181 00BD D63A 500D 0FE0 CCA2 E7BB 804B 53DA E4CE > > > 9F51 3D54 93A3 5D2E FC0E E3E2 7046 1EFF 6826 BB30 B8DC 4903 9A32 345F E769 > > > 31D7 D313 6ECD 62BD 2CBE C070 AFD5 C1C8 9920 7442 5E44 2AED 7878 A566 DD3A > > > 3445 0612 919A 0B74 2F6A E806 080F C7E7 9C68 7FAC 51D3 4EA9 0BC3 ABAF 27D2 > > > 2C95 0A09 CD12 61B3 4DF2 0A88 1379 7552 5B1C D4CE 9F02 0301 0001 > > > Basic Constraints: Subject Type=End Entity > > > Path Length Constraint=None > > > Key Usage: Digital Signature, Key Encipherment(A0) > > > > > > [1]CRL Distribution Point > > > Distribution Point Name: > > > Full Name: > > > URL=http://crl.verisign.com/RSASecureServer.crl > > > > > > [1]Certificate Policy: > > > PolicyIdentifier=2.16.840.1.113733.1.7.1.1 > > > [1,1]Policy Qualifier Info: > > > Policy Qualifier Id=1.3.6.1.5.5.7.2.1 > > > Qualifier=161C 6874 7470 733A 2F2F 7777 772E 7665 7269 7369 676E > > > 2E63 6F6D 2F43 5053 > > > [1,2]Policy Qualifier Info: > > > Policy Qualifier Id=1.3.6.1.5.5.7.2.2 > > > Qualifier=3056 3015 160E 5665 7269 5369 676E 2C20 496E 632E 3003 > > > 0201 011A 3D56 6572 6953 6967 6E27 7320 4350 5320 696E 636F 7270 2E20 6279 > > > 2072 6566 6572 656E 6365 206C 6961 622E 206C 7464 2E20 2863 2939 3720 5665 > > > 7269 5369 676E > > > > > > Server Authentication(1.3.6.1.5.5.7.3.1) > > > Client Authentication(1.3.6.1.5.5.7.3.2) > > > > > > 2.16.840.1.113733.1.6.15: > > > 16 09 39 32 36 30 32 32 ..926022 > > > 34 32 37 427 > > > > > > Authority Information Access: [1]Authority Info Access > > > AccessMethod=On-line Certificate Status Protocol(1.3.6.1.5.5.7.48.1) > > > Alternative Name: > > > URL=http://ocsp.verisign.com > > > > > > Thumbprint Algorithm: sha1 > > > Thumbprint: CC1C DD7D BE05 C813 F119 813B 86E6 5717 5583 F981 > > > > > > > > > > > > > > > > > > > > > > > > ______________________________________________________________________ > > > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > > > User Support Mailing List [EMAIL PROTECTED] > > > Automated List Manager [EMAIL PROTECTED] > > > >______________________________________________________________________ > >Apache Interface to OpenSSL (mod_ssl) www.modssl.org > >User Support Mailing List [EMAIL PROTECTED] > >Automated List Manager [EMAIL PROTECTED] > > ______________________________________________________________________ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
