Hi Mark,
--On January 5, 2010 10:11:43 AM -0600 Mark Nipper <ni...@bitgnome.net>
wrote:
Try using the openssl command line tool from a shell to connect to
your server. That can print out lots of useful debugging information:
> openssl s_client -connect host.example.com:8443 -debug
Like I said, it's not getting very far in the
conversation:
---
CONNECTED(00000003)
write to 0x1a0a0d0 [0x1a0b740] (118 bytes => 118 (0x76))
0000 - 80 74 01 03 01 00 4b 00-00 00 20 00 00 39 00 00 .t....K... ..9..
0010 - 38 00 00 35 00 00 16 00-00 13 00 00 0a 07 00 c0 8..5............
0020 - 00 00 33 00 00 32 00 00-2f 03 00 80 00 00 05 00 ..3..2../.......
0030 - 00 04 01 00 80 00 00 15-00 00 12 00 00 09 06 00 ................
0040 - 40 00 00 14 00 00 11 00-00 08 00 00 06 04 00 80 @...............
0050 - 00 00 03 02 00 80 9e 32-f3 6f ad 39 54 50 e4 83 .......2.o.9TP..
0060 - bd e3 a7 df 2f a3 84 ac-90 5f ca 48 a1 71 e6 d7 ..../...._.H.q..
0070 - 95 87 f2 e2 f1 29 .....)
read from 0x1a0a0d0 [0x1a10ca0] (7 bytes => 0 (0x0))
26527:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake
failure:s23_lib.c:188: ---
Also note that the server is explicitly set to use SSLv3_METHOD
protocol rather than SSLv23_METHOD. It maybe your client cannot cope
with that, in which case you will need to adjust the value in the
caldavd.plist (or update the client).
Well, given the above, I don't think we're getting that
far.
So openssl was trying the v23 handshake and failing because the server only
does v3. Try this:
openssl s_client -connect host.example.com:8443 -debug -ssl3
--
Cyrus Daboo
_______________________________________________
calendarserver-users mailing list
calendarserver-users@lists.macosforge.org
http://lists.macosforge.org/mailman/listinfo.cgi/calendarserver-users
