can not reuse SSL connections on RHEL5/CentOS5
----------------------------------------------
Key: TS-718
URL: https://issues.apache.org/jira/browse/TS-718
Project: Traffic Server
Issue Type: Bug
Components: SSL
Affects Versions: 2.1.7
Environment: RHEL5 system with TS 2.1.6 2.1.7
compared with Apache httpd
Reporter: Zhao Yongming
Fix For: 2.1.8
when with apache httpd default mod_ssl:
[root@ts1 httpd]# echo | openssl s_client -reconnect -connect localhost:443 2>&1
CONNECTED(00000003)
depth=0
/C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=ts1.test.cnz.alimama.com/[email protected]
verify error:num=18:self signed certificate
verify return:1
depth=0
/C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=ts1.test.cnz.alimama.com/[email protected]
verify return:1
---
Certificate chain
0
s:/C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=ts1.test.cnz.alimama.com/[email protected]
i:/C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=ts1.test.cnz.alimama.com/[email protected]
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIDSzCCArSgAwIBAgICUWcwDQYJKoZIhvcNAQEFBQAwgcExCzAJBgNVBAYTAi0t
MRIwEAYDVQQIDAlTb21lU3RhdGUxETAPBgNVBAcMCFNvbWVDaXR5MRkwFwYDVQQK
DBBTb21lT3JnYW5pemF0aW9uMR8wHQYDVQQLDBZTb21lT3JnYW5pemF0aW9uYWxV
bml0MSEwHwYDVQQDDBh0czEudGVzdC5jbnouYWxpbWFtYS5jb20xLDAqBgkqhkiG
9w0BCQEWHXJvb3RAdHMxLnRlc3QuY256LmFsaW1hbWEuY29tMB4XDTExMDMyNDEw
Mjk1MVoXDTEyMDMyMzEwMjk1MVowgcExCzAJBgNVBAYTAi0tMRIwEAYDVQQIDAlT
b21lU3RhdGUxETAPBgNVBAcMCFNvbWVDaXR5MRkwFwYDVQQKDBBTb21lT3JnYW5p
emF0aW9uMR8wHQYDVQQLDBZTb21lT3JnYW5pemF0aW9uYWxVbml0MSEwHwYDVQQD
DBh0czEudGVzdC5jbnouYWxpbWFtYS5jb20xLDAqBgkqhkiG9w0BCQEWHXJvb3RA
dHMxLnRlc3QuY256LmFsaW1hbWEuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB
iQKBgQDg0xr6MMfTUooenmxTyXiaSiHMfrkbGGhjgE0slP1iWfBf62Qal1daSSb8
hSSFCZI78RWAp/bcadHGPo43xDWBmohLyTnlWksKKcbSJ9atdijC2L2CJNXiWgKC
cu+2jOTLAw0YJVOufuJmm8QaqmHl4y3UGE626VDN8lPGBCrQcwIDAQABo1AwTjAd
BgNVHQ4EFgQUIAfaVLkaRWgWp+zxPtp0bWfbbsgwHwYDVR0jBBgwFoAUIAfaVLka
RWgWp+zxPtp0bWfbbsgwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQA1
qYMZB0MuCQz2yCAx25C3+UtoZuxdmQxekmOPjtRAm2CRccW7r0ne57BcVU79Qk2s
6KTU4fO7lJ1tz49ZkX5zts5WuqsWDSb4cfyDb3ybubcZwUu+eSkqVkx/7GAuVgcl
weoLXdgpQ779T45SovOR212BXQpYI0piMDNIB9p0mA==
-----END CERTIFICATE-----
subject=/C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=ts1.test.cnz.alimama.com/[email protected]
issuer=/C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=ts1.test.cnz.alimama.com/[email protected]
---
No client certificate CA names sent
---
SSL handshake has read 1418 bytes and written 319 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : DHE-RSA-AES256-SHA
Session-ID: 8A72957E09AF60AD3807C1D06CE3F9BD88914886B7F1F646B03E8BDA783FAB8B
Session-ID-ctx:
Master-Key:
42808C5CDF016480F1BC7FF6F764A4886886E430F8E23400D82A9E6A6DE377A30369541E52BA06E1DC878F18DAFC2ECA
Key-Arg : None
Krb5 Principal: None
Start Time: 1300962675
Timeout : 300 (sec)
Verify return code: 18 (self signed certificate)
---
drop connection and then reconnect
CONNECTED(00000003)
---
Reused, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Secure Renegotiation IS supported
Compression: zlib compression
Expansion: zlib compression
SSL-Session:
Protocol : TLSv1
Cipher : DHE-RSA-AES256-SHA
Session-ID: 8A72957E09AF60AD3807C1D06CE3F9BD88914886B7F1F646B03E8BDA783FAB8B
Session-ID-ctx:
Master-Key:
42808C5CDF016480F1BC7FF6F764A4886886E430F8E23400D82A9E6A6DE377A30369541E52BA06E1DC878F18DAFC2ECA
Key-Arg : None
Krb5 Principal: None
Compression: 1 (zlib compression)
Start Time: 1300962675
Timeout : 300 (sec)
Verify return code: 18 (self signed certificate)
---
drop connection and then reconnect
CONNECTED(00000003)
---
Reused, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Secure Renegotiation IS supported
Compression: zlib compression
Expansion: zlib compression
SSL-Session:
Protocol : TLSv1
Cipher : DHE-RSA-AES256-SHA
Session-ID: 8A72957E09AF60AD3807C1D06CE3F9BD88914886B7F1F646B03E8BDA783FAB8B
Session-ID-ctx:
Master-Key:
42808C5CDF016480F1BC7FF6F764A4886886E430F8E23400D82A9E6A6DE377A30369541E52BA06E1DC878F18DAFC2ECA
Key-Arg : None
Krb5 Principal: None
Compression: 1 (zlib compression)
Start Time: 1300962675
Timeout : 300 (sec)
Verify return code: 18 (self signed certificate)
---
drop connection and then reconnect
CONNECTED(00000003)
---
Reused, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Secure Renegotiation IS supported
Compression: zlib compression
Expansion: zlib compression
SSL-Session:
Protocol : TLSv1
Cipher : DHE-RSA-AES256-SHA
Session-ID: 8A72957E09AF60AD3807C1D06CE3F9BD88914886B7F1F646B03E8BDA783FAB8B
Session-ID-ctx:
Master-Key:
42808C5CDF016480F1BC7FF6F764A4886886E430F8E23400D82A9E6A6DE377A30369541E52BA06E1DC878F18DAFC2ECA
Key-Arg : None
Krb5 Principal: None
Compression: 1 (zlib compression)
Start Time: 1300962675
Timeout : 300 (sec)
Verify return code: 18 (self signed certificate)
---
drop connection and then reconnect
CONNECTED(00000003)
---
Reused, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Secure Renegotiation IS supported
Compression: zlib compression
Expansion: zlib compression
SSL-Session:
Protocol : TLSv1
Cipher : DHE-RSA-AES256-SHA
Session-ID: 8A72957E09AF60AD3807C1D06CE3F9BD88914886B7F1F646B03E8BDA783FAB8B
Session-ID-ctx:
Master-Key:
42808C5CDF016480F1BC7FF6F764A4886886E430F8E23400D82A9E6A6DE377A30369541E52BA06E1DC878F18DAFC2ECA
Key-Arg : None
Krb5 Principal: None
Compression: 1 (zlib compression)
Start Time: 1300962675
Timeout : 300 (sec)
Verify return code: 18 (self signed certificate)
---
drop connection and then reconnect
CONNECTED(00000003)
---
Reused, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Secure Renegotiation IS supported
Compression: zlib compression
Expansion: zlib compression
SSL-Session:
Protocol : TLSv1
Cipher : DHE-RSA-AES256-SHA
Session-ID: 8A72957E09AF60AD3807C1D06CE3F9BD88914886B7F1F646B03E8BDA783FAB8B
Session-ID-ctx:
Master-Key:
42808C5CDF016480F1BC7FF6F764A4886886E430F8E23400D82A9E6A6DE377A30369541E52BA06E1DC878F18DAFC2ECA
Key-Arg : None
Krb5 Principal: None
Compression: 1 (zlib compression)
Start Time: 1300962675
Timeout : 300 (sec)
Verify return code: 18 (self signed certificate)
---
DONE
it works fine, but when using TS:
[root@ts1 httpd]# echo | openssl s_client -reconnect -connect localhost:443 2>&1
CONNECTED(00000003)
depth=0
/C=CN/ST=Beijing/L=Beijing/O=ZYMLinux.net/OU=CA/CN=ts3.test.cnz.alimama.com/emailAddress=ts3.test.cnz.alimama.com
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0
/C=CN/ST=Beijing/L=Beijing/O=ZYMLinux.net/OU=CA/CN=ts3.test.cnz.alimama.com/emailAddress=ts3.test.cnz.alimama.com
verify error:num=27:certificate not trusted
verify return:1
depth=0
/C=CN/ST=Beijing/L=Beijing/O=ZYMLinux.net/OU=CA/CN=ts3.test.cnz.alimama.com/emailAddress=ts3.test.cnz.alimama.com
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
0
s:/C=CN/ST=Beijing/L=Beijing/O=ZYMLinux.net/OU=CA/CN=ts3.test.cnz.alimama.com/emailAddress=ts3.test.cnz.alimama.com
i:/C=CN/ST=Beijing/L=Beijing/O=ZYMLinux.net/OU=CA/CN=ca.ZYMLinux.net/[email protected]
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIGHTCCBAWgAwIBAgIBDDANBgkqhkiG9w0BAQUFADCBjzELMAkGA1UEBhMCQ04x
EDAOBgNVBAgTB0JlaWppbmcxEDAOBgNVBAcTB0JlaWppbmcxFTATBgNVBAoTDFpZ
TUxpbnV4Lm5ldDELMAkGA1UECxMCQ0ExGDAWBgNVBAMTD2NhLlpZTUxpbnV4Lm5l
dDEeMBwGCSqGSIb3DQEJARYPY2FAWllNTGludXgubmV0MB4XDTExMDMwODAyNDMx
MFoXDTEyMDMwNzAyNDMxMFowgaExCzAJBgNVBAYTAkNOMRAwDgYDVQQIEwdCZWlq
aW5nMRAwDgYDVQQHEwdCZWlqaW5nMRUwEwYDVQQKEwxaWU1MaW51eC5uZXQxCzAJ
BgNVBAsTAkNBMSEwHwYDVQQDExh0czMudGVzdC5jbnouYWxpbWFtYS5jb20xJzAl
BgkqhkiG9w0BCQEWGHRzMy50ZXN0LmNuei5hbGltYW1hLmNvbTCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBAK1wb18KVJCJM0hdr4xzVIvoVwnWqn4MJ/Kl
o9/FWARJDyymm0RRiU2Enfd+BS7Bj4SJZ8TAhS6PoPD9vK1Sua/Pt3IYPRF9CL89
jIf5tAXwjCFZhnswhs1HskrtPnOzjbl7H/qFBdNGMvZytPrGxzCsBeXnJsn21M1U
WVn4sgSSBx/vS2H4BZXSyKihq205seDUt6u6L7S0KuDWFRFmBvWkoeaJktS3vyc3
o1e5B9emVa3scmnIYwrrznA5rNr+gd0EEwaCYNG8zamWF3WnWMMX/LPZhKddjwBh
5DrcfDEM+Io9gvzfjgc7httyNF4dJxUbQ1gyE9PvIlsQI15ClvcCAwEAAaOCAW4w
ggFqMAkGA1UdEwQCMAAwEQYJYIZIAYb4QgEBBAQDAgZAMCsGCWCGSAGG+EIBDQQe
FhxUaW55Q0EgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBSJmPPFTTmt
BX9nH55uSiQ4eiCubTCBvAYDVR0jBIG0MIGxgBQbuyvDvYMO2DZ8QnANQf13Y2po
PKGBlaSBkjCBjzELMAkGA1UEBhMCQ04xEDAOBgNVBAgTB0JlaWppbmcxEDAOBgNV
BAcTB0JlaWppbmcxFTATBgNVBAoTDFpZTUxpbnV4Lm5ldDELMAkGA1UECxMCQ0Ex
GDAWBgNVBAMTD2NhLlpZTUxpbnV4Lm5ldDEeMBwGCSqGSIb3DQEJARYPY2FAWllN
TGludXgubmV0ggEAMBoGA1UdEgQTMBGBD2NhQFpZTUxpbnV4Lm5ldDAjBgNVHREE
HDAagRh0czMudGVzdC5jbnouYWxpbWFtYS5jb20wDQYJKoZIhvcNAQEFBQADggIB
AAWHF+E7cQu37DSU2RA3aSEjKN0wixzCcDjQvBRl4lP+r56UcPbJSV264uKqIMRZ
Vq4Sp0haE1NOYrS+vq7+Ws0hnuXaKysNOwcwia2Epi4AHcb81Ou6RLWP5ClVoL/o
2HCzx4wwJsVTP5dHktYYFjUk6rv9bvOl0ESyBtyGKHeG+Vuj+27ZshV3H1IRAgdE
nfUx85hEjVbUmvuWFIE6sw92YnXTFFCSzMjpqU8+fHdd0KQ2z9UBY9KaRhjf57se
oqcQzJGSV67qqJNiIuBLAQJC/5090m+LwDuAm9abRFF/Qz8MZp7ZoxEG8KoqBAXg
3qkNo1e4uQEhlDk9ttMR/BSi9iRxH95EBay0zWWKfrJ+S4zR2cI8/B0hTg42N/Ek
rbeszX4NEu3MZTfxuOwDoQkStHl6Wwe9/DMrqXtn2LyFTSxSOZwTsQCGT0Gxdvvo
e9DM/tTzwttwzWQhcgWv0rpv4T5amGckDtou2cAaSQtpUZ84+HUvIA/2PCUf8vs7
gdkppnxUwemG/KDtqlX9MmTn6hNm3YgbQHPukNX8Mj8YCRAwP65yeZyxI/uysHtn
yoW/dEVqfud0/KnkJD5Bxz3RlOvj0Bg6mqbCB3siDvaLA9TfMbMGnMCbkJ282Kdh
TxeXEoP7oSznRJwTLeYaDBuz7TypMz/6FZ3DJXGjq00O
-----END CERTIFICATE-----
subject=/C=CN/ST=Beijing/L=Beijing/O=ZYMLinux.net/OU=CA/CN=ts3.test.cnz.alimama.com/emailAddress=ts3.test.cnz.alimama.com
issuer=/C=CN/ST=Beijing/L=Beijing/O=ZYMLinux.net/OU=CA/CN=ca.ZYMLinux.net/[email protected]
---
No client certificate CA names sent
---
SSL handshake has read 1738 bytes and written 447 bytes
---
New, TLSv1/SSLv3, Cipher is AES256-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : AES256-SHA
Session-ID: 4655CB9C20336F697635D635BA10C454B4CAF65CE6965B74D88053A8930F49D7
Session-ID-ctx:
Master-Key:
B570F0491201E31F6E69A9BD7B0308B628FEB841F2F296F67D48A74D539B54C617E31ACE9A8665893F07B7531908928F
Key-Arg : None
Krb5 Principal: None
Start Time: 1300962759
Timeout : 300 (sec)
Verify return code: 21 (unable to verify the first certificate)
---
drop connection and then reconnect
CONNECTED(00000003)
depth=0
/C=CN/ST=Beijing/L=Beijing/O=ZYMLinux.net/OU=CA/CN=ts3.test.cnz.alimama.com/emailAddress=ts3.test.cnz.alimama.com
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0
/C=CN/ST=Beijing/L=Beijing/O=ZYMLinux.net/OU=CA/CN=ts3.test.cnz.alimama.com/emailAddress=ts3.test.cnz.alimama.com
verify error:num=27:certificate not trusted
verify return:1
depth=0
/C=CN/ST=Beijing/L=Beijing/O=ZYMLinux.net/OU=CA/CN=ts3.test.cnz.alimama.com/emailAddress=ts3.test.cnz.alimama.com
verify error:num=21:unable to verify the first certificate
verify return:1
---
New, TLSv1/SSLv3, Cipher is AES256-SHA
Secure Renegotiation IS supported
Compression: zlib compression
Expansion: zlib compression
SSL-Session:
Protocol : TLSv1
Cipher : AES256-SHA
Session-ID: 9A2259F250116E51D7E02D6930EA66F597955A9817B50D902FD60A146884B89E
Session-ID-ctx:
Master-Key:
786BC54F416400E75D3817883618579FADE6EC2654DF97E8D6E862920198641EBE0BA5C3C71831972FC5A5286D4CE983
Key-Arg : None
Krb5 Principal: None
Compression: 1 (zlib compression)
Start Time: 1300962759
Timeout : 300 (sec)
Verify return code: 21 (unable to verify the first certificate)
---
drop connection and then reconnect
CONNECTED(00000003)
depth=0
/C=CN/ST=Beijing/L=Beijing/O=ZYMLinux.net/OU=CA/CN=ts3.test.cnz.alimama.com/emailAddress=ts3.test.cnz.alimama.com
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0
/C=CN/ST=Beijing/L=Beijing/O=ZYMLinux.net/OU=CA/CN=ts3.test.cnz.alimama.com/emailAddress=ts3.test.cnz.alimama.com
verify error:num=27:certificate not trusted
verify return:1
depth=0
/C=CN/ST=Beijing/L=Beijing/O=ZYMLinux.net/OU=CA/CN=ts3.test.cnz.alimama.com/emailAddress=ts3.test.cnz.alimama.com
verify error:num=21:unable to verify the first certificate
verify return:1
---
New, TLSv1/SSLv3, Cipher is AES256-SHA
Secure Renegotiation IS supported
Compression: zlib compression
Expansion: zlib compression
SSL-Session:
Protocol : TLSv1
Cipher : AES256-SHA
Session-ID: 1D0DD5DD06E9C2D1190EA13D89D7C5908E82A7DBEC96CFA85975A5643BC7F7AB
Session-ID-ctx:
Master-Key:
A409F56F9AD1155B4D194B7B42B4A3E93A65F75E44B38C1A33A8A51EBA747FF6E6BF9E36241C8422DC5F414E21183F3E
Key-Arg : None
Krb5 Principal: None
Compression: 1 (zlib compression)
Start Time: 1300962759
Timeout : 300 (sec)
Verify return code: 21 (unable to verify the first certificate)
---
drop connection and then reconnect
CONNECTED(00000003)
depth=0
/C=CN/ST=Beijing/L=Beijing/O=ZYMLinux.net/OU=CA/CN=ts3.test.cnz.alimama.com/emailAddress=ts3.test.cnz.alimama.com
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0
/C=CN/ST=Beijing/L=Beijing/O=ZYMLinux.net/OU=CA/CN=ts3.test.cnz.alimama.com/emailAddress=ts3.test.cnz.alimama.com
verify error:num=27:certificate not trusted
verify return:1
depth=0
/C=CN/ST=Beijing/L=Beijing/O=ZYMLinux.net/OU=CA/CN=ts3.test.cnz.alimama.com/emailAddress=ts3.test.cnz.alimama.com
verify error:num=21:unable to verify the first certificate
verify return:1
---
New, TLSv1/SSLv3, Cipher is AES256-SHA
Secure Renegotiation IS supported
Compression: zlib compression
Expansion: zlib compression
SSL-Session:
Protocol : TLSv1
Cipher : AES256-SHA
Session-ID: A6FF45E425461DEB031419FE72EC5674A448450BA197FECE8CC27A58CAD0ED55
Session-ID-ctx:
Master-Key:
3C5696BCC95BE15B2352F157340F70E7AA13CE6AA5A07D1F606A617380603D72FB856907511DF168A919ED023FF76BD0
Key-Arg : None
Krb5 Principal: None
Compression: 1 (zlib compression)
Start Time: 1300962759
Timeout : 300 (sec)
Verify return code: 21 (unable to verify the first certificate)
---
drop connection and then reconnect
CONNECTED(00000003)
depth=0
/C=CN/ST=Beijing/L=Beijing/O=ZYMLinux.net/OU=CA/CN=ts3.test.cnz.alimama.com/emailAddress=ts3.test.cnz.alimama.com
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0
/C=CN/ST=Beijing/L=Beijing/O=ZYMLinux.net/OU=CA/CN=ts3.test.cnz.alimama.com/emailAddress=ts3.test.cnz.alimama.com
verify error:num=27:certificate not trusted
verify return:1
depth=0
/C=CN/ST=Beijing/L=Beijing/O=ZYMLinux.net/OU=CA/CN=ts3.test.cnz.alimama.com/emailAddress=ts3.test.cnz.alimama.com
verify error:num=21:unable to verify the first certificate
verify return:1
---
New, TLSv1/SSLv3, Cipher is AES256-SHA
Secure Renegotiation IS supported
Compression: zlib compression
Expansion: zlib compression
SSL-Session:
Protocol : TLSv1
Cipher : AES256-SHA
Session-ID: 90A1D6EE36998F47A335578819698EE57933DB788C430D617C8B07E7872D011E
Session-ID-ctx:
Master-Key:
87ED7181AFE13C8A36A5A6A2A9E9912C1E4AADED0053C3F03ADC9E01D9548A4D791A1B4EACB20851585F730E455677E4
Key-Arg : None
Krb5 Principal: None
Compression: 1 (zlib compression)
Start Time: 1300962759
Timeout : 300 (sec)
Verify return code: 21 (unable to verify the first certificate)
---
drop connection and then reconnect
CONNECTED(00000003)
depth=0
/C=CN/ST=Beijing/L=Beijing/O=ZYMLinux.net/OU=CA/CN=ts3.test.cnz.alimama.com/emailAddress=ts3.test.cnz.alimama.com
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0
/C=CN/ST=Beijing/L=Beijing/O=ZYMLinux.net/OU=CA/CN=ts3.test.cnz.alimama.com/emailAddress=ts3.test.cnz.alimama.com
verify error:num=27:certificate not trusted
verify return:1
depth=0
/C=CN/ST=Beijing/L=Beijing/O=ZYMLinux.net/OU=CA/CN=ts3.test.cnz.alimama.com/emailAddress=ts3.test.cnz.alimama.com
verify error:num=21:unable to verify the first certificate
verify return:1
---
New, TLSv1/SSLv3, Cipher is AES256-SHA
Secure Renegotiation IS supported
Compression: zlib compression
Expansion: zlib compression
SSL-Session:
Protocol : TLSv1
Cipher : AES256-SHA
Session-ID: DB52C8DA3A369E05DB5E8A21ED0B7A931AC235651EDF6FFE85F21D5F0452CBF2
Session-ID-ctx:
Master-Key:
90E093DB76E39DA4A534EE73F2EB87CA48B1BC5B2E1D017C0D0ADED02F151A80802729ADEA0DAF54EF6F271413B1E522
Key-Arg : None
Krb5 Principal: None
Compression: 1 (zlib compression)
Start Time: 1300962759
Timeout : 300 (sec)
Verify return code: 21 (unable to verify the first certificate)
---
DONE
also tested TS on other distribution, works without error:
gentoo:
zymtest1 trafficserver # echo | openssl s_client -reconnect -connect
zymtest1.corp.aliyk.com:443 2>&1 | grep Reused
Reused, TLSv1/SSLv3, Cipher is AES256-SHA
Reused, TLSv1/SSLv3, Cipher is AES256-SHA
Reused, TLSv1/SSLv3, Cipher is AES256-SHA
Reused, TLSv1/SSLv3, Cipher is AES256-SHA
Reused, TLSv1/SSLv3, Cipher is AES256-SHA
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
