[Also posted to openssl-users] Can anyone shed any light on the following?
We have a customer's SSL client talking to a CGI on a mod_ssl enabled Apache. The CGI (Perl) basically reads a POST request and copies the whole of stdin to a file, and that's it. (It does remember to close the file, and returns a 200 and an empty text/plain document.) The first time, everything works fine. Second and subsequent attempts get the following. After about 30 mins, something seems to time out, the next request works, and again subsequent ones fail... [Mon May 13 00:03:16 2002] [error] mod_ssl: SSL handshake failed (server customer.confidential:443, client nnn.nnn.nnn.nnn) (OpenSSL library error follows) [Mon May 13 00:03:16 2002] [error] OpenSSL: error:14094438:lib(20):func(148):reason(1080) According to my not-very-expert reading of the source, this seems to be the error SSL_R_INTERNAL_ERROR from ssl3_read_bytes in OpenSSL, which appears to translate very roughly to "What the **** was THAT pattern of bytes, 'cause it sure wasn't supposed to happen right here!" OpenSSL version, to the current limit of my knowledge, is newer than 0.9.6b (it has the fix for big CA lists in handshaking). I can get more details from the customer, but they ain't awake yet (being US-based) and it'd be good to know what else to ask. -- Mike Whitaker [EMAIL PROTECTED] +44-1733-327545 ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]