First of all, is there a specific extension required for SSL certificates on an Apache/Tomcat server? i.e. Does it have to be a "crt" or a "cert" or ? Seems like I read that it needs to be "PEM-encoded" - that's about all I could find.
Also, my error log is showing the below... Where should I start looking for the problem? (Trying to 'rewrite' a certain page to httpS - it never gets redirected... if I manually add the "s", the browser tells me its trying to connect to SSL, but when I 'proceed' through the security warning, the "s" disappears from the URL) [Mon Aug 17 15:00:19 2009] [debug] ssl_engine_kernel.c(1752): OpenSSL: Handshake: start [Mon Aug 17 15:00:19 2009] [debug] ssl_engine_kernel.c(1760): OpenSSL: Loop: before/accept initialization [Mon Aug 17 15:00:19 2009] [debug] ssl_engine_io.c(1817): OpenSSL: read 11/11 bytes from BIO#%p [mem: %p] \xa0\x11\xd2o [Mon Aug 17 15:00:19 2009] [debug] ssl_engine_io.c(1750): +-------------------------------------------------------------------------+ [Mon Aug 17 15:00:19 2009] [debug] ssl_engine_io.c(1789): | 0000: 47 45 54 20 2f 66 61 76-69 63 6f GET /favico | [Mon Aug 17 15:00:19 2009] [debug] ssl_engine_io.c(1795): +-------------------------------------------------------------------------+ [Mon Aug 17 15:00:19 2009] [debug] ssl_engine_kernel.c(1789): OpenSSL: Exit: error in SSLv2/v3 read client hello A [Mon Aug 17 15:00:19 2009] [info] [client 1.2.3.4] SSL handshake failed: HTTP spoken on HTTPS port; trying to send HTML error page [Mon Aug 17 15:00:19 2009] [info] SSL Library Error: 336027804 error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request speaking HTTP to HTTPS port!? [Mon Aug 17 15:00:22 2009] [info] [client 1.2.3.4] Connection to child 57 established (server www.domain.com:443) [Mon Aug 17 15:00:22 2009] [info] Seeding PRNG with 144 bytes of entropy This is what my sslerror.log says: [Mon Aug 17 13:39:45 2009] [info] Initial (No.1) HTTPS request received for child 61 (server www.domain.com:443) [Mon Aug 17 13:39:45 2009] [debug] ssl_engine_io.c(1828): OpenSSL: I/O error, 5 bytes expected to read on BIO#%p [mem: %p] [Mon Aug 17 13:39:45 2009] [info] [client 172.1.2.3] (70014)End of file found: SSL input filter read failed. [Mon Aug 17 13:39:45 2009] [debug] ssl_engine_kernel.c(1770): OpenSSL: Write: SSL negotiation finished successfully [Mon Aug 17 13:39:45 2009] [info] [client 172.1.2.3] Connection closed to child 61 with standard shutdown (server www.domain.com:443) Thanks
