I'm a little curious about your port number. You show 8080 in your
example, but that's usually only used when SSL is not being used.
How are you starting your container? If you use -nosec, an SSL
client should fail to connect.
Charles
On Jan 7, 2008, at 10:37 AM, Andrea Lelj Garolla Di Bard wrote:
Hi All,
I tried one of the tests that i found at Pre-WS Authentication &
Authorization web page in Globus web Site (http://www.globus.org/
toolkit/docs/4.0/security/prewsaa/user-index.html), it give me this
error:
-----
[EMAIL PROTECTED] globus-4.0.5]$ openssl s_client -ssl3 -cert /home/
scope/.globus/usercert.pem -key /home/scope/.globus/userkey.pem -
CApath $GLOBUS_LOCATION/etc/grid-security/certificates -connect
143.225.25.111:8080
Enter PEM pass phrase:
CONNECTED(00000003)
30942:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
number:s3_pkt.c:286:
-----
Googling arround I found, in Apache web site
(http://mail-archives.apache.org/mod_mbox/httpd-bugs/200603.mbox/%
[EMAIL PROTECTED]),
that this error is generated by a SSL Bug:
-----
------- Additional Comments From [EMAIL PROTECTED]
2006-03-02 18:58 -------
(In reply to comment #11)
The bug is definitely still present in 2.0.55. I am testing on
Linux, and I
suspect most of the others involved have been testing on something
that uses the
unix build of httpd in one way or another.
However, I would be surprised if this is a platform specific bug,
based on what
the real problem is (bug is in proxy_connect, not in mod_ssl). Are
you sure you
understand the original test case? For my testing, I am using
"openssl s_client
-connect 127.0.0.1:443" on the same machine running the server, and
sending a
CONNECT request to the server through this SSL channel. The client
errors out
with "15949:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
number:s3_pkt.c:286:" when the proxy_connect module starts to send
data because
proxy_connect is writing to the socket directly instead of going
through the
filter stack. Because it skips the filter stack, the SSL module
doesn't get
called and the data is sent in the clear.
------
Is it possible that this error is related to the following error
that I get in the container, when i try to use Delegetion Service???:
-----
2007-12-26 15:55:56,309 ERROR service.DelegationResource
[RunQueueThread_2,authorize:386] "/O=Grid/OU=GlobusTest/OU=simpleCA-
orion.ing.unina2.it/OU=ing.unina2.it/CN=andrea lelj" is not
authorized to access this resource
2007-12-26 15:55:56,314 ERROR service.ReliableFileTransferResource
[RunQueueThread_2,processDelegatedCredential:389] Error processing
delegated credential"/O=Grid/OU=GlobusTest/OU=simpleCA-
orion.ing.unina2.it/OU=ing.unina2.it/CN=andrea lelj" is not
authorized to access this resource
org.globus.delegation.DelegationException: "/O=Grid/OU=GlobusTest/
OU=simpleCA-orion.ing.unina2.it/OU=ing.unina2.it/CN=andrea lelj" is
not authorized to access this resource
------
Thanks in Advance.
Andrea
Interviste, concerti, news e videoclip! Solo su MSN Video! MSN Video
