Hi John, Thanks for the response.
The thing is, I can get in once in a while (1 in 100 times). When I first encountered the problem, I thought it was a firewalling problem. I use both TCP wrappers and iptables. I had disabled both without any change in the problem. The fact that I can get in once in a while leads me to think that it is not a firewalling problem. I can get in with the machines on my internal network 100% of the time. I have never had a problem with http on either internal or external. It is https only. I did try what you suggested with no change in the problem, and I did do this before on several occasions. I have a wireless access point which acts as my gateway. I am wondering if there is a problem with NAT? The strange thing is that when I changed the SSLSessionCache from 'dbm' to 'none' (I don't think my platform supports shm), I was able to get in with external access 100% of the time. I thought my problem was fixed, but 5 minutes later, the connections could not get in. Since I sent the last mail, I now have all of the latest software, mod_ssl 2.8.14, OpenSSL 0.9.7b. and I still have the same problem. Konn ----- Original Message ----- From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, June 16, 2003 1:34 AM Subject: RE: https access problems > Do you have the ipchains or iptables firewall enabled? Try "service ipchains > stop" and "service iptables stop" to disable it completely and then try > again. In the former case "lokkit" will allow you to configure your firewall > to accept connections on the relevant ports. > > - > John Airey, BSc (Jt Hons), CNA, RHCE > Internet systems support officer, ITCSD, Royal National Institute of the > Blind, > Bakewell Road, Peterborough PE2 6XU, > Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [EMAIL PROTECTED] > > Evolution isn't true just because the majority of people think it is. > > > -----Original Message----- > > From: Konn Danley [mailto:[EMAIL PROTECTED] > > Sent: 13 June 2003 19:31 > > To: [EMAIL PROTECTED] > > Subject: https access problems > > > > > > Hi, > > > > I am new to this mailing list. I am having a problem with > > external internet > > access to my server. I have the following in place: > > > > Red Hat 7.3/2.4.18-3 > > Apache 1.3.27 > > mod_ssl 2.8.12-1.3.27 > > OpenSSL 0.9.7a > > > > I have a main server running on port 80, and a virtualhost on > > port 443 for > > the SSL. I can access port 443 100% of the time from any client on my > > internal network. From external networks, I am having > > problems connecting. > > I see nothing in IPTraf when these connections external > > connections don't > > connect, nor do I get anything in my log files. I have no > > problems at all > > with http. All internal clients work fine for both http and > > https on MSIE, > > Netscape, and Mozilla. These same clients configured for > > loopback through a > > dial-up and back into a cable-modem can't get in.....most of > > the time, but > > once in a while. The same symptoms occur for other people > > who have tried to > > access my SSL website. They have no problems with http, but > > https will > > almost always refuse the connection or give them a page not displayed. > > > > I found a couple of messages posted on this board which > > talked about the > > SSLSessionCache. I tried changing that to 'none' from 'dbm'. > > When I did > > this, the external connections worked!! 5 minutes later, > > they were gone, > > and I was back to the same place that I started. This is a > > very strange > > problem, and I am NOT an expert. > > > > I see that there are a lot of posts on this board concerning similiar > > sounding problems. Has anybody come up with a fix for this? > > Does anybody > > have any suggestions as to what I should do or try next? > > > > Any help here is greatly appreciated. > > > > Konn > > > > > > ______________________________________________________________________ > > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > > User Support Mailing List [EMAIL PROTECTED] > > Automated List Manager [EMAIL PROTECTED] > > > > - > > NOTICE: The information contained in this email and any attachments is > confidential and may be legally privileged. If you are not the > intended recipient you are hereby notified that you must not use, > disclose, distribute, copy, print or rely on this email's content. If > you are not the intended recipient, please notify the sender > immediately and then delete the email and any attachments from your > system. > > RNIB has made strenuous efforts to ensure that emails and any > attachments generated by its staff are free from viruses. However, it > cannot accept any responsibility for any viruses which are > transmitted. We therefore recommend you scan all attachments. > > Please note that the statements and views expressed in this email > and any attachments are those of the author and do not necessarily > represent those of RNIB. > > RNIB Registered Charity Number: 226227 > > Website: http://www.rnib.org.uk > ______________________________________________________________________ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
