Hello,
Using cherokee from debian sid (0.4.29-3) I can not use SSL, I make a
debian package with cherokee 0.4.30 and the debian directory from the
debian package of 0.4.29-3 and I have the same problem.
I use the following setting in /etc/cherokee/mods-available/ssl
# The server certificate
SSLCertificateFile /etc/cherokee/ssl/cherokee.crt
# its associated key
SSLCertificateKeyFile /etc/cherokee/ssl/cherokee.key
# concatenation of the CA and a sub CA.
SSLCAListFile /etc/cherokee/ssl/ca_chain.crt
I set the portTLS in cherokee.conf an add:
Directory /ssl/ {
Handler common
OnlySecure
}
to my virtual host, and cherokee do not respond, neither on http nor
https.
Without the link in mods-enable cherokee works fine, trying to access
/ssl failed with 426 Upgrade Required, which is normal, ssl is not
enabled.
Lauching /usr/sbin/cherokee -C /etc/cherokee.conf with ssl support do
not show me the traditionale outpout:
Cherokee Web Server 0.4.30: Listening on port 80, TLS disabled, IPv6 disable
using epoll, 16384 fds limit, 5 threads, 3276 fds in each
standard scheduling policy
It seems to bloc, using gnutls-cli to connect do not work:
# gnutls-cli -d 5 -p 443 www.asgardr.info
Resolving 'www.asgardr.info'...
Connecting to '192.168.1.1:443'...
|<3>| HSK[806f9c0]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA1
[...]
|<3>| HSK[806f9c0]: Keeping ciphersuite: ANON_DH_ARCFOUR_MD5
|<2>| EXT[806f9c0]: Sending extension CERT_TYPE
|<2>| EXT[806f9c0]: Sending extension SERVER_NAME
|<3>| HSK[806f9c0]: CLIENT HELLO was send [136 bytes]
|<4>| REC[806f9c0]: Sending Packet[0] Handshake(22) with length: 136
|<4>| REC[806f9c0]: Sent Packet[1] Handshake(22) with length: 141
Do you have some ideas ?
Thanks.
--
Daniel 'NebuchadnezzaR' Dehennin
Récupérer ma clef GPG:
gpg --keyserver pgp.mit.edu --recv-keys 0x2A408F69
_______________________________________________
Cherokee mailing list
[email protected]
http://www.0x50.org/cgi-bin/mailman/listinfo/cherokee
