RE: SSL cache issue
David and others, Why would a JSP (or PHP, or any dynamically created page) resolve their URL differently from a 'static' page? If page A, static.html, has a hyperlink to page B, another_static.html, no probs occur. BUT, if page A has a link to dynamic.jsp (as a GET: href=dynamic.jsp?some_id=12), *sometimes* a page not found error appears (or a security warning message). Sorry for my ignorance, Shiraz -Original Message- From: David Marshall [SMTP:[EMAIL PROTECTED]] Sent: Tuesday, April 02, 2002 7:38 PM To: '[EMAIL PROTECTED]' Subject:RE: SSL cache issue Make sure that the JSPs in question are resolving their url's with the right protocol HTTPS/HTTP when appropriate. The JSPs may be trying to GET/POST with HTTP when they need to use HTTPS. Since you are using Apache and RESIN. I would assume that you are using the mod_caucho plug-in for Apache. David Marshall -Original Message- From: Shiraz Esat [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 02, 2002 1:10 AM To: '[EMAIL PROTECTED]' Subject: RE: SSL cache issue Terry, If anyone passes you a solution, can you please pass it on to me as well, as I have the same problem :( [Only difference, though, is that I'm using PHP generated pages] Thanks in advance Shiraz -Original Message- From: Terry Ziemniak [SMTP:[EMAIL PROTECTED]] Sent: Friday, March 29, 2002 9:31 PM To: '[EMAIL PROTECTED]' Subject:SSL cache issue I am getting 'page not found errors' the first time I access certain JSP pages (though there are others that always work). If I refresh the page displays correctly. Notes: 1. This only happens over HTTPS, never over HTTP 2. Netscape (v 4.2) displayed the error Data Missing. This document resulted from a POST operation and has expired from the cache. If you wish you can repost the form data to create the document by pressing the reload button. 3. Apache's access.log seems to validate point 2. The last line before an error is a POST. The retry shows a POST followed shortly by anther GET and POST of the same JSP. 4. I have not yet been able to exactly describe 'First time'. General rule of them, if I repeat the process within 15 minutes it seems OK. If I wait an hour it should fail. Though quantifying that has not been my highest priority. 5. I am running Apache_1.3.20-Mod_SSL_2.8.4-OpenSSL_0.9.6a-WIN32 and Resin 1.2.8. Any help would be appreciated. Terry Ziemniak File: ATT2.htm __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: SSL cache issue
Yes I've had this problem. One make sure a generate your OWN certificate and not one that comes with OpenSSL or distributions and add this to your SSL VirtualHost SSLProtocol -all +SSLv2 This should get rid of this problem. As I'm guessing that you have have had the same problem I have. This seemed to have fixed the problem. I think there is a problem with IE and OpenSSL using SSLv3 with an uncertified SSL certificate. Let me know if this has fixed your problem. Jeremy Walton DICE Corporation -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Shiraz Esat Sent: Wednesday, April 03, 2002 4:50 AM To: '[EMAIL PROTECTED]' Subject: RE: SSL cache issue Jeremy et al, Server-side: Linux, Apache 1.3.20, mod_ssl 2.8.4, OpenSSL 0.9.6b, PHP 4.1.2. Client-side: Win2000, IE5.5. Surely this is a server-side problem? Or, at least, surely there must be a 'fix' server-side? After all, do we need to tell all site-visitors to fix their browsers? Thanks in advance, Shiraz -Original Message- From: Jeremy Walton [SMTP:[EMAIL PROTECTED]] Sent: Tuesday, April 02, 2002 10:00 PM To: [EMAIL PROTECTED] Subject:RE: SSL cache issue Actually I've had this problem. I may have the solution for you if you can tell me what OS your running the client from and what browser. Jeremy Walton DICE Corporation -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Shiraz Esat Sent: Tuesday, April 02, 2002 4:10 AM To: '[EMAIL PROTECTED]' Subject: RE: SSL cache issue Terry, If anyone passes you a solution, can you please pass it on to me as well, as I have the same problem :( [Only difference, though, is that I'm using PHP generated pages] Thanks in advance Shiraz -Original Message- From: Terry Ziemniak [SMTP:[EMAIL PROTECTED]] Sent: Friday, March 29, 2002 9:31 PM To: '[EMAIL PROTECTED]' Subject:SSL cache issue I am getting 'page not found errors' the first time I access certain JSP pages (though there are others that always work). If I refresh the page displays correctly. Notes: 1. This only happens over HTTPS, never over HTTP 2. Netscape (v 4.2) displayed the error Data Missing. This document resulted from a POST operation and has expired from the cache. If you wish you can repost the form data to create the document by pressing the reload button. 3. Apache's access.log seems to validate point 2. The last line before an error is a POST. The retry shows a POST followed shortly by anther GET and POST of the same JSP. 4. I have not yet been able to exactly describe 'First time'. General rule of them, if I repeat the process within 15 minutes it seems OK. If I wait an hour it should fail. Though quantifying that has not been my highest priority. 5. I am running Apache_1.3.20-Mod_SSL_2.8.4-OpenSSL_0.9.6a-WIN32 and Resin 1.2.8. Any help would be appreciated. Terry Ziemniak File: ATT2.htm __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: SSL cache issue
Shiraz, Fundamentally, the url's resolve the same. With JSP some URLs resolve at the Browser, and some URL's resolve on the JSP server. However, just like someone can hardcode HTTP into the HREF for static content, so can JSP developers generate HTTP references dynamically when thay might need to generate HTTPS. A lot depends on how the JSP is coded and how the JSP/Servlet engine is connected to Apache. For example, I've seen one installation where mod_proxy was used to switch from https in apache to redirect http to a jsp server. Since this was using a RESIN JSP engine getting this installation switched to using mod_caucho instead of mod_proxy resolved the JSP logic that was trying to detect HTTP/HTTPS protocol. In your example Page A has a link to dynamic.jsp. If possible, you should use your browser to view source on the output of dynamic.jsp. In reviewing the source at the browser any HTTP links will cause a security warning message. In addition, I have found it necessary to review the actual JSP source. Some JSP's will resolve URLs on the server and get page not found errors on the server. An example could be Server side URL reference with HTTP that needs to be HTTPS. David -Original Message- From: Shiraz Esat [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 03, 2002 2:03 AM To: '[EMAIL PROTECTED]' Subject: RE: SSL cache issue David and others, Why would a JSP (or PHP, or any dynamically created page) resolve their URL differently from a 'static' page? If page A, static.html, has a hyperlink to page B, another_static.html, no probs occur. BUT, if page A has a link to dynamic.jsp (as a GET: href=dynamic.jsp?some_id=12), *sometimes* a page not found error appears (or a security warning message). Sorry for my ignorance, Shiraz -Original Message- From: David Marshall [SMTP:[EMAIL PROTECTED]] Sent: Tuesday, April 02, 2002 7:38 PM To: '[EMAIL PROTECTED]' Subject:RE: SSL cache issue Make sure that the JSPs in question are resolving their url's with the right protocol HTTPS/HTTP when appropriate. The JSPs may be trying to GET/POST with HTTP when they need to use HTTPS. Since you are using Apache and RESIN. I would assume that you are using the mod_caucho plug-in for Apache. David Marshall -Original Message- From: Shiraz Esat [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 02, 2002 1:10 AM To: '[EMAIL PROTECTED]' Subject: RE: SSL cache issue Terry, If anyone passes you a solution, can you please pass it on to me as well, as I have the same problem :( [Only difference, though, is that I'm using PHP generated pages] Thanks in advance Shiraz -Original Message- From: Terry Ziemniak [SMTP:[EMAIL PROTECTED]] Sent: Friday, March 29, 2002 9:31 PM To: '[EMAIL PROTECTED]' Subject:SSL cache issue I am getting 'page not found errors' the first time I access certain JSP pages (though there are others that always work). If I refresh the page displays correctly. Notes: 1. This only happens over HTTPS, never over HTTP 2. Netscape (v 4.2) displayed the error Data Missing. This document resulted from a POST operation and has expired from the cache. If you wish you can repost the form data to create the document by pressing the reload button. 3. Apache's access.log seems to validate point 2. The last line before an error is a POST. The retry shows a POST followed shortly by anther GET and POST of the same JSP. 4. I have not yet been able to exactly describe 'First time'. General rule of them, if I repeat the process within 15 minutes it seems OK. If I wait an hour it should fail. Though quantifying that has not been my highest priority. 5. I am running Apache_1.3.20-Mod_SSL_2.8.4-OpenSSL_0.9.6a-WIN32 and Resin 1.2.8. Any help would be appreciated. Terry Ziemniak File: ATT2.htm __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: SSL cache issue
Terry, If anyone passes you a solution, can you please pass it on to me as well, as I have the same problem :( [Only difference, though, is that I'm using PHP generated pages] Thanks in advance Shiraz -Original Message- From: Terry Ziemniak [SMTP:[EMAIL PROTECTED]] Sent: Friday, March 29, 2002 9:31 PM To: '[EMAIL PROTECTED]' Subject:SSL cache issue I am getting 'page not found errors' the first time I access certain JSP pages (though there are others that always work). If I refresh the page displays correctly. Notes: 1. This only happens over HTTPS, never over HTTP 2. Netscape (v 4.2) displayed the error Data Missing. This document resulted from a POST operation and has expired from the cache. If you wish you can repost the form data to create the document by pressing the reload button. 3. Apache's access.log seems to validate point 2. The last line before an error is a POST. The retry shows a POST followed shortly by anther GET and POST of the same JSP. 4. I have not yet been able to exactly describe 'First time'. General rule of them, if I repeat the process within 15 minutes it seems OK. If I wait an hour it should fail. Though quantifying that has not been my highest priority. 5. I am running Apache_1.3.20-Mod_SSL_2.8.4-OpenSSL_0.9.6a-WIN32 and Resin 1.2.8. Any help would be appreciated. Terry Ziemniak File: ATT2.htm __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: SSL cache issue
This is related, and might be work noting: With modSSL 3.x in apache 2.x land, I have found that it cannot renegotiate during a POST. However, hitting the refresh button seems to do the handshake and then to the POST correctly. --Ed From: Shiraz Esat [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: '[EMAIL PROTECTED]' [EMAIL PROTECTED] Subject: RE: SSL cache issue Date: Tue, 2 Apr 2002 10:10:15 +0100 Terry, If anyone passes you a solution, can you please pass it on to me as well, as I have the same problem :( [Only difference, though, is that I'm using PHP generated pages] Thanks in advance Shiraz -Original Message- From: Terry Ziemniak [SMTP:[EMAIL PROTECTED]] Sent: Friday, March 29, 2002 9:31 PM To:'[EMAIL PROTECTED]' Subject: SSL cache issue I am getting 'page not found errors' the first time I access certain JSP pages (though there are others that always work). If I refresh the page displays correctly. Notes: 1. This only happens over HTTPS, never over HTTP 2. Netscape (v 4.2) displayed the error Data Missing. This document resulted from a POST operation and has expired from the cache. If you wish you can repost the form data to create the document by pressing the reload button. 3. Apache's access.log seems to validate point 2. The last line before an error is a POST. The retry shows a POST followed shortly by anther GET and POST of the same JSP. 4. I have not yet been able to exactly describe 'First time'. General rule of them, if I repeat the process within 15 minutes it seems OK. If I wait an hour it should fail. Though quantifying that has not been my highest priority. 5. I am running Apache_1.3.20-Mod_SSL_2.8.4-OpenSSL_0.9.6a-WIN32 and Resin 1.2.8. Any help would be appreciated. Terry Ziemniak File: ATT2.htm __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] _ Chat with friends online, try MSN Messenger: http://messenger.msn.com __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: SSL cache issue
Actually I've had this problem. I may have the solution for you if you can tell me what OS your running the client from and what browser. Jeremy Walton DICE Corporation -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Shiraz Esat Sent: Tuesday, April 02, 2002 4:10 AM To: '[EMAIL PROTECTED]' Subject: RE: SSL cache issue Terry, If anyone passes you a solution, can you please pass it on to me as well, as I have the same problem :( [Only difference, though, is that I'm using PHP generated pages] Thanks in advance Shiraz -Original Message- From: Terry Ziemniak [SMTP:[EMAIL PROTECTED]] Sent: Friday, March 29, 2002 9:31 PM To: '[EMAIL PROTECTED]' Subject:SSL cache issue I am getting 'page not found errors' the first time I access certain JSP pages (though there are others that always work). If I refresh the page displays correctly. Notes: 1. This only happens over HTTPS, never over HTTP 2. Netscape (v 4.2) displayed the error Data Missing. This document resulted from a POST operation and has expired from the cache. If you wish you can repost the form data to create the document by pressing the reload button. 3. Apache's access.log seems to validate point 2. The last line before an error is a POST. The retry shows a POST followed shortly by anther GET and POST of the same JSP. 4. I have not yet been able to exactly describe 'First time'. General rule of them, if I repeat the process within 15 minutes it seems OK. If I wait an hour it should fail. Though quantifying that has not been my highest priority. 5. I am running Apache_1.3.20-Mod_SSL_2.8.4-OpenSSL_0.9.6a-WIN32 and Resin 1.2.8. Any help would be appreciated. Terry Ziemniak File: ATT2.htm __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: SSL cache issue
Make sure that the JSPs in question are resolving their url's with the right protocol HTTPS/HTTP when appropriate. The JSPs may be trying to GET/POST with HTTP when they need to use HTTPS. Since you are using Apache and RESIN. I would assume that you are using the mod_caucho plug-in for Apache. David Marshall -Original Message- From: Shiraz Esat [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 02, 2002 1:10 AM To: '[EMAIL PROTECTED]' Subject: RE: SSL cache issue Terry, If anyone passes you a solution, can you please pass it on to me as well, as I have the same problem :( [Only difference, though, is that I'm using PHP generated pages] Thanks in advance Shiraz -Original Message- From: Terry Ziemniak [SMTP:[EMAIL PROTECTED]] Sent: Friday, March 29, 2002 9:31 PM To: '[EMAIL PROTECTED]' Subject:SSL cache issue I am getting 'page not found errors' the first time I access certain JSP pages (though there are others that always work). If I refresh the page displays correctly. Notes: 1. This only happens over HTTPS, never over HTTP 2. Netscape (v 4.2) displayed the error Data Missing. This document resulted from a POST operation and has expired from the cache. If you wish you can repost the form data to create the document by pressing the reload button. 3. Apache's access.log seems to validate point 2. The last line before an error is a POST. The retry shows a POST followed shortly by anther GET and POST of the same JSP. 4. I have not yet been able to exactly describe 'First time'. General rule of them, if I repeat the process within 15 minutes it seems OK. If I wait an hour it should fail. Though quantifying that has not been my highest priority. 5. I am running Apache_1.3.20-Mod_SSL_2.8.4-OpenSSL_0.9.6a-WIN32 and Resin 1.2.8. Any help would be appreciated. Terry Ziemniak File: ATT2.htm __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]