Hi, On Thu, 27 Jun 2002, Peter Cronin wrote:
> Was wondering if anyone can help me? I believe I have mod_ssl loaded > correctly and configurd correctly, but I get the following situation > when I access my SSL site. > - https://secure.aebdemo.com, it just hangs on site, but says host contacted... > - this is what the SSL.log says: It looks like it confgures ok for >secure.aebdemo.com:443 [snip] > [26/Jun/2002 22:02:02 02404] [info] Connection to child 0 established (server >secure.aebdemo.com:443, client 205.229.222.70) > > [26/Jun/2002 22:02:02 02404] [info] Seeding PRNG with 0 bytes of entropy [snip] > my configuration in httpd.conf is: > SSLMutex sem > SSLRandomSeed startup builtin > SSLRandomSeed connect builtin > SSLSessionCache none [snip] It would appear you may have a PRNG problem, and given that you're running on some variant of windows, it wouldn't surprise me in the least. I don't know much (read: anything) about mod_ssl's operation under win32, but one way for you to find out *if* this what's causing your problems, try using some largish file (eg. 32Kb or bigger should certainly be enough) and feeding that into SSLRandomSeed, ie. replace "builtin" in both of those lines with "file:<path-to-your-file>". If that works, don't leave it like that as it represents a security risk. However, it would at least tell you if a working source of entropy for the PRNG is all that separates you from a functioning system, otherwise the problem lies elsewhere. As for a working PRNG solution on windows that you *could* use in production ... good question ... you may want to ask that separately on this list as/when you know if it's the problem. Lutz is on this list, he'd have a better chance of answering such a question than I. Cheers, Geoff ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
