hey all,
if i tell ie to not use sslv3 or tlsv1 in the advanced options
(theorizing that it would then use sslv2, which was enabled) I still do not
connect, however I get very different errors in the ssl_engine_log than what
I was getting when trying to connect via sslv3. I can post those errors if
needed.
----- Original Message -----
From: "Jeff Gelina" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, July 16, 2000 12:28 PM
Subject: Re: msie AGAIN
> Ok, when I put it in debug mode with the new configuration I found that
one
> log file and only one file changes when i try to access the https site
with
> IE. That file is ssl_engine_log and here is what changes minus the bio
> dumps which were just a bunch of hex.
>
> [16/Jul/2000 11:18:25 15029] [info] Seeding PRNG with 1160 bytes of
entropy
> [16/Jul/2000 11:18:25 15029] [trace] OpenSSL: Handshake: start
> [16/Jul/2000 11:18:25 15029] [trace] OpenSSL: Loop: before/accept
> initialization
> [16/Jul/2000 11:18:25 15029] [debug] OpenSSL: read 11/11 bytes from
> BIO#080F4AA8
> [mem: 080FA1F0] (BIO dump follows)
> [16/Jul/2000 11:18:25 15029] [trace] Inter-Process Session Cache:
> request=GET st
> atus=MISSED
> id=309590E9D2CA6A50F56AC3475AF55D91F0436BB996781DECB16C18A37AB60355
> (session renewal)
> [16/Jul/2000 11:18:25 15029] [trace] OpenSSL: Loop: SSLv3 read client
hello
> A
> [16/Jul/2000 11:18:25 15029] [trace] OpenSSL: Loop: SSLv3 write server
hello
> A
> [16/Jul/2000 11:18:25 15029] [trace] OpenSSL: Loop: SSLv3 write
certificate
> A
> [16/Jul/2000 11:18:25 15029] [trace] OpenSSL: Loop: SSLv3 write server
done
> A
> [16/Jul/2000 11:18:25 15029] [debug] OpenSSL: write 876/876 bytes to
> BIO#080F4AA
> 8 [mem: 08107688] (BIO dump follows)
> [16/Jul/2000 11:18:25 15029] [trace] OpenSSL: Loop: SSLv3 flush data
> [16/Jul/2000 11:18:25 15029] [debug] OpenSSL: read 5/5 bytes from
> BIO#080F4AA8 [
> mem: 080FA1F0] (BIO dump follows)
> [16/Jul/2000 11:18:25 15029] [debug] OpenSSL: read 134/134 bytes from
> BIO#080F4A
> A8 [mem: 080FA1F5] (BIO dump follows)
> [16/Jul/2000 11:18:25 15029] [trace] OpenSSL: Loop: SSLv3 read client key
> exchan
> ge A
> [16/Jul/2000 11:18:25 15029] [debug] OpenSSL: read 5/5 bytes from
> BIO#080F4AA8 [
> mem: 080FA1F0] (BIO dump follows)
> [16/Jul/2000 11:18:25 15029] [debug] OpenSSL: read 1/1 bytes from
> BIO#080F4AA8 [
> mem: 080FA1F5] (BIO dump follows)
> [16/Jul/2000 11:18:25 15029] [debug] OpenSSL: read 5/5 bytes from
> BIO#080F4AA8 [
> mem: 080FA1F0] (BIO dump follows)
> [16/Jul/2000 11:18:25 15029] [debug] OpenSSL: read 36/36 bytes from
> BIO#080F4AA8
> [mem: 080FA1F5] (BIO dump follows)
> [16/Jul/2000 11:18:25 15029] [trace] OpenSSL: Loop: SSLv3 read finished A
> [16/Jul/2000 11:18:25 15029] [trace] OpenSSL: Loop: SSLv3 write change
> cipher sp
> ec A
> [16/Jul/2000 11:18:25 15029] [trace] OpenSSL: Loop: SSLv3 write finished A
> [16/Jul/2000 11:18:25 15029] [debug] OpenSSL: write 47/47 bytes to
> BIO#080F4AA8
> [mem: 08107688] (BIO dump follows)
> [16/Jul/2000 11:18:25 15029] [trace] OpenSSL: Loop: SSLv3 flush data
> [16/Jul/2000 11:18:25 15029] [trace] Inter-Process Session Cache:
> request=SET st
> atus=OK
id=95F69C732CD78360E18A4C3E7786223C9117E932FB7848875B0892B06210F8A8
> time
> out=300s (session caching)
> [16/Jul/2000 11:18:25 15029] [trace] OpenSSL: Handshake: done
> [16/Jul/2000 11:18:25 15029] [info] Connection: Client IP: 209.12.32.66,
> Protoc
> ol: TLSv1, Cipher: EXP1024-RC4-SHA (56/128 bits)
> [16/Jul/2000 11:18:25 15029] [debug] OpenSSL: read 0/18437 bytes from
> BIO#080F4A
> A8 [mem: 080FA1F0] (BIO dump follows)
> [16/Jul/2000 11:18:25 15029] [debug] OpenSSL: write 27/27 bytes to
> BIO#080F4AA8
> [mem: 08102A00] (BIO dump follows)
> [16/Jul/2000 11:18:25 15029] [trace] OpenSSL: Write: SSL negotiation
> finished su
> ccessfully
> [16/Jul/2000 11:18:25 15029] [info] Connection to child 0 closed with
> standard
> shutdown (server minnesota.coinfotech.com:443, client 209.12.32.66)
>
> Can you decipher this???
>
> ----- Original Message -----
> From: "Martin Lichtin" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Saturday, July 15, 2000 7:18 PM
> Subject: Re: msie AGAIN
>
>
> > > Ok, I have done as you have requested (it was a pain in the butt) you
> will
> > > see the new page at http://minnesota.coinfotech.com but you will not
> be
> > > able to access the https with any ie browser. Netscape will see it
just
> > > fine. Hence, same problem.
> >
> > What messages do you see in the ssl.log when you increase the debug
level?
> > Try
> > SSLLog ssl.log
> > SSLLogLevel debug
> >
>
> ______________________________________________________________________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
