I'm trying to get Apache up and running on WinNT, with SSL.

I'm using:

Apache/1.3.19 (Win32)
mod_ssl/2.8.3
OpenSSL/0.9.6a

My Apache config is as follows ...

SSLMutex sem
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLSessionCache none
SSLLog logs/SSL.log
SSLLogLevel debug
<VirtualHost <MY_HOST>:443>
    ServerName <MY_HOST>
    SSLEngine on
    SSLCipherSuite ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
    SSLCertificateFile D:/apache/ssl/my-server.cert
    SSLCertificateKeyFile D:/apache/ssl/my-server.key
    SetEnvIf User-Agent ".*MSIE.*" \
        nokeepalive ssl-unclean-shutdown \
        downgrade-1.0 force-response-1.0
    CustomLog logs/ssl_request_log combined
</VirtualHost>

My problem is that when I issue https://<MY_HOST> through the browser, the browser simply hangs - there's no response from Apache.

If I try and connect to 443 directly using openssl I get:

$ openssl s_client -connect <MY_HOST>:443 -state -debug
CONNECTED(00000003)
SSL_connect:before/connect initialization
write to 0A01ED48 [0A01F788] (130 bytes => 130 (0x82))
0000 - 80 80 01 03 01 00 57 00-00 00 20 00 00 16 00 00 ......W... .....
0010 - 13 00 00 0a 07 00 c0 00-00 66 00 00 07 00 00 05 .........f......
0020 - 00 00 04 05 00 80 03 00-80 01 00 80 08 00 80 00 ................
0030 - 00 65 00 00 64 00 00 63-00 00 62 00 00 61 00 00 .e..d..c..b..a..
0040 - 60 00 00 15 00 00 12 00-00 09 06 00 40 00 00 14 `...........@...
0050 - 00 00 11 00 00 08 00 00-06 00 00 03 04 00 80 02 ................
0060 - 00 80 46 fe 76 0c 2a 63-8a 04 72 25 77 e3 3c 15 ..F.v.*c..r%w.<.
0070 - 22 77 46 a4 69 b9 20 85-03 7d 7b ad 85 b9 db ed "wF.i. ..}{.....
0080 - b6 1c ..
SSL_connect:SSLv2/v3 write client hello A
... and nothing more.

I've tried using the -ssl2 and -ssl3 flags, but get the same result.

I've tried connecting using telnet and trying to speak HTTP to the port, and that doesn't work, so that's not the issue.

Furthermore, when I try and connect I get an entry in my ssl.log ...

[04/Feb/2002 17:01:01 00193] [info] Connection to child 4 established (server <MY_HOST>:443, client <MY_IP>)

Any suggestions gratefully received.

Regards,
Ken Tune
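
Added example, not part of the original post: a decoder for the 130 bytes that s_client reports writing in the trace above, read as an SSLv2-format ClientHello. It checks that the length fields account for every byte, which shows the client's message was complete when the trace stopped. The function and variable names are this example's own; the bytes are copied from the dump in the post.

```python
import struct

# The 130 bytes from the "write to ..." dump in the post above.
CLIENT_HELLO_HEX = """
80 80 01 03 01 00 57 00 00 00 20 00 00 16 00 00
13 00 00 0a 07 00 c0 00 00 66 00 00 07 00 00 05
00 00 04 05 00 80 03 00 80 01 00 80 08 00 80 00
00 65 00 00 64 00 00 63 00 00 62 00 00 61 00 00
60 00 00 15 00 00 12 00 00 09 06 00 40 00 00 14
00 00 11 00 00 08 00 00 06 00 00 03 04 00 80 02
00 80 46 fe 76 0c 2a 63 8a 04 72 25 77 e3 3c 15
22 77 46 a4 69 b9 20 85 03 7d 7b ad 85 b9 db ed
b6 1c
"""

def load_dump(hex_text: str) -> bytes:
    return bytes.fromhex("".join(hex_text.split()))

def parse_v2_client_hello(data: bytes) -> dict:
    """Decode an SSLv2-format ClientHello (2-byte record header, high bit set)."""
    if len(data) < 11 or not data[0] & 0x80:
        raise ValueError("not a 2-byte-header SSLv2 record")
    record_len = struct.unpack(">H", data[:2])[0] & 0x7FFF
    # msg type, offered version, then three big-endian length fields
    msg_type, major, minor, spec_len, sid_len, chal_len = struct.unpack(">BBBHHH", data[2:11])
    if msg_type != 1:
        raise ValueError("not a ClientHello")
    body = data[11:]
    if spec_len % 3 or len(body) != spec_len + sid_len + chal_len:
        raise ValueError("length fields do not match the bytes present")
    specs = [body[i:i + 3] for i in range(0, spec_len, 3)]  # 3 bytes per cipher spec
    return {
        "record_len": record_len,
        "complete": record_len == len(data) - 2,   # header says how much follows
        "version": (major, minor),                 # (3, 1) is TLS 1.0
        "specs": specs,
        "v2_specs": [s for s in specs if s[0] != 0],  # SSLv2-native cipher kinds
        "session_id_len": sid_len,
        "challenge": body[spec_len + sid_len:],
    }

if __name__ == "__main__":
    hello = parse_v2_client_hello(load_dump(CLIENT_HELLO_HEX))
    print("record length:", hello["record_len"], "complete:", hello["complete"])
    print("offered version:", hello["version"], "cipher specs:", len(hello["specs"]))
```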