[
https://issues.apache.org/jira/browse/TS-1392?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13429675#comment-13429675
]
Leif Hedstrom commented on TS-1392:
-----------------------------------
Confirmed that this fails on Windows/XP with IE.
{code}
[Aug 6 20:42:27.364] Server {0x7f5c361d7700} DEBUG: (ssl)
[SSLNextProtocolAccept:mainEvent] event 202 netvc 0x482e530
[Aug 6 20:42:27.364] Server {0x7f5c361d7700} DEBUG: (ssl) setting SNI
callbacks with initial ctx 0x1908d80
[Aug 6 20:42:27.364] Server {0x7f5c361d7700} DEBUG: (ssl) ssl=0x1a98f00 ad=112
lookup=0xf05400 server=(null)
[Aug 6 20:42:27.364] Server {0x7f5c361d7700} DEBUG: (ssl) found SSL context
0x1908b40 for requested name '(null)'
[Aug 6 20:42:27.427] Server {0x7f5c361d7700} DEBUG: (ssl)
SSLNetVConnection::sslServerHandShakeEvent, error
[Aug 6 20:42:27.428] Server {0x7f5c361d7700} ERROR: SSL ERROR:
SSL_ServerHandShake.
[Aug 6 20:42:27.428] Server {0x7f5c361d7700} ERROR: SSL::9:error:1408A0C1:SSL
routines:SSL3_GET_CLIENT_HELLO:no shared cipher:s3_srvr.c:1235:
[Aug 6 20:42:27.428] Server {0x7f5c361d7700} DEBUG: (ssl)
[SSLNextProtocolAccept:mainEvent] event 3 netvc 0x482e530
[Aug 6 20:42:27.432] Server {0x7f5c35dd3700} DEBUG: (ssl)
[SSLNextProtocolAccept:mainEvent] event 202 netvc 0x488e530
[Aug 6 20:42:27.432] Server {0x7f5c35dd3700} DEBUG: (ssl) setting SNI
callbacks with initial ctx 0x1908d80
[Aug 6 20:42:27.432] Server {0x7f5c35dd3700} DEBUG: (ssl) ssl=0x1a99900 ad=112
lookup=0xf05400 server=(null)
[Aug 6 20:42:27.432] Server {0x7f5c35dd3700} DEBUG: (ssl) found SSL context
0x1908b40 for requested name '(null)'
[Aug 6 20:42:27.444] Server {0x7f5c35dd3700} DEBUG: (ssl)
SSLNetVConnection::sslServerHandShakeEvent, error
[Aug 6 20:42:27.444] Server {0x7f5c35dd3700} ERROR: SSL ERROR:
SSL_ServerHandShake.
[Aug 6 20:42:27.444] Server {0x7f5c35dd3700} ERROR: SSL::13:error:1408A0C1:SSL
routines:SSL3_GET_CLIENT_HELLO:no shared cipher:s3_srvr.c:1235:
[Aug 6 20:42:27.444] Server {0x7f5c35dd3700} DEBUG: (ssl)
[SSLNextProtocolAccept:mainEvent] event 3 netvc 0x488e530
[Aug 6 20:42:27.448] Server {0x7f5c35dd3700} DEBUG: (ssl)
[SSLNextProtocolAccept:mainEvent] event 202 netvc 0x488e530
[Aug 6 20:42:27.448] Server {0x7f5c35dd3700} DEBUG: (ssl) setting SNI
callbacks with initial ctx 0x1908d80
[Aug 6 20:42:27.448] Server {0x7f5c35dd3700} DEBUG: (ssl)
SSLNetVConnection::sslServerHandShakeEvent, syscall
[Aug 6 20:42:27.448] Server {0x7f5c35dd3700} DEBUG: (ssl)
[SSLNextProtocolAccept:mainEvent] event 3 netvc 0x488e530
{code}
> requiring SNI for SSL termination
> ---------------------------------
>
> Key: TS-1392
> URL: https://issues.apache.org/jira/browse/TS-1392
> Project: Traffic Server
> Issue Type: Bug
> Components: SSL
> Affects Versions: 3.2.0
> Environment: RHEL6, wildcard SSL certificate
> Reporter: Jan-Frode Myklebust
> Assignee: James Peach
> Priority: Critical
> Fix For: 3.3.0
>
>
> It seems ATS require a Server Name Indication to complete the SSL handshake,
> ref: https://community.qualys.com/thread/10387
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
