I need to know the browser type, version and strength (e.g. MSIE 5.5 128-bit, Netscape 4.7 40-bit...).
Oscar, when you say you're seeing the exact same problem, do you mean you're seeing both the error message and the browser is failing on the first connect?
/s.
On Tuesday, March 11, 2003, at 08:42 AM, Oscar Bonilla wrote:
I'm seeing the exact same problem, however I have ServerSessionCache set to true. I'm using nsopenssl 2.1. What could the problem be?
This is the nsopenssl part of my aolserver config file:
----- ns_section "ns/server/${servername}/module/nsopenssl" ns_param ServerPort ${httpsport} ns_param ServerHostname ${hostname} ns_param ServerAddress ${address} ns_param ServerCertFile ${sslcertificate} ns_param ServerKeyFile ${sslkey} ns_param ServerProtocols All ns_param ServerCipherSuite "ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL" ns_param ServerSessionCache true ns_param ServerSessionCacheID 1 ns_param ServerSessionCacheSize 512 ns_param ServerSessionCacheTimeout 300 ns_param ServerPeerVerify false ns_param ServerPeerVerifyDepth 3 ns_param ServerCADir ${sslcadir} ns_param ServerCAFile ${sslcafile} ns_param ServerTrace false
ns_param SockServerCertFile ${sslcertificate} ns_param SockServerKeyFile ${sslkey} ns_param SockServerProtocols All ns_param SockServerCipherSuite "ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL" ns_param SockServerSessionCache true ns_param SockServerSessionCacheID 2 ns_param SockServerSessionCacheSize 512 ns_param SockServerSessionCacheTimeout 300 ns_param SockServerPeerVerify true ns_param SockServerPeerVerifyDepth 3 ns_param SockServerCADir ${sslinternalcadir} ns_param SockServerCAFile ${sslinternalcafile} ns_param SockServerTrace false
ns_param SockClientCertFile ${sslclientcertificate} ns_param SockClientKeyFile ${sslclientkey} ns_param SockClientProtocols All ns_param SockClientCipherSuite "ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL" ns_param SockClientSessionCache true ns_param SockClientSessionCacheID 3 ns_param SockClientSessionCacheSize 512 ns_param SockClientSessionCacheTimeout 300 ns_param SockClientPeerVerify true ns_param SockClientPeerVerifyDepth 3 ns_param SockClientCADir ${sslservercadir} ns_param SockClientCAFile ${sslservercafile} ns_param SockClientTrace false
ns_param RandomFile /dev/urandom ns_param SeedBytes 1024 ----
Thanks,
-Oscar
On Mon, Mar 10, 2003 at 11:42:36PM -0600, Scott Goodwin wrote:Turn it on, always, always, always have session caching on, or SSL to certain MSIE browser versions will fail in the way you're seeing. I've just updated the nsopenssl config examples at my site to reflect this.
nsopenssl 3.0 will have session caching turned on by default, so that if you want it turned off you'll have to explicitly do so.
/s.
On Monday, March 10, 2003, at 11:32 PM, William Scott Jordan wrote:
ServerSessionCache is set to false.
Scott
At 11:12 PM 3/10/2003 -0600, you wrote:Do you have session caching turned on?
/s.
On Monday, March 10, 2003, at 11:00 PM, William Scott Jordan wrote:
I'm running AOLServer 3.4 with OpenSSL 0.9.6 and nsopenssl 2.2b4 on Redhat 7.0 and I'm getting this error quite a bit:
Error: nsopenssl: EOF during SSL handshake
I have no idea what's causing it and I can't recreate it. When it happens, it gives the end user a "Server Error" message. Reloading the same page never causes the problem a second time. I really don't even know whether it's a problem with AOLServer, a configuration issue, or a problem with OpenSSL.
Has anybody seen this before or have any idea of how to correct it? Any advice would be appreciated.
Scott
I. To remove yourself from this list:
Send a message to "[EMAIL PROTECTED]" with the following text in the BODY of your message:
signoff aolserver
II. For a complete list of listserv options please visit:
http://listserv.aol.com/
III. For more AOLserver information please visit:
http://www.aolserver.com/
I. To remove yourself from this list:
Send a message to "[EMAIL PROTECTED]" with the following text in the BODY of your message:
signoff aolserver
II. For a complete list of listserv options please visit:
http://listserv.aol.com/
III. For more AOLserver information please visit:
http://www.aolserver.com/
I. To remove yourself from this list:
Send a message to "[EMAIL PROTECTED]" with the following text in the BODY of your message:
signoff aolserver
II. For a complete list of listserv options please visit:
http://listserv.aol.com/
III. For more AOLserver information please visit:
http://www.aolserver.com/
I. To remove yourself from this list:
Send a message to "[EMAIL PROTECTED]" with the following text in the BODY of your message:
signoff aolserver
II. For a complete list of listserv options please visit:
http://listserv.aol.com/
III. For more AOLserver information please visit:
http://www.aolserver.com/
I. To remove yourself from this list:
Send a message to "[EMAIL PROTECTED]" with the following text in the BODY of your message:
signoff aolserver
II. For a complete list of listserv options please visit:
http://listserv.aol.com/
III. For more AOLserver information please visit:
http://www.aolserver.com/
I. To remove yourself from this list:
Send a message to "[EMAIL PROTECTED]" with the following text in the BODY of your message:
signoff aolserver
II. For a complete list of listserv options please visit:
http://listserv.aol.com/
III. For more AOLserver information please visit:
http://www.aolserver.com/
