On Mon, Dec 18, 2000 at 09:20:26AM +0100, Markus Brachner wrote:
> OpenSSL 0.9.5a
> Apache/1.3.12
> mod_ssl/2.6.6
Can you reproduce this problem with the latest versions? It doesn't make
sense to hunt bugs already fixed.
> Many SSL-Clients (mainly IE 5.x) have Problems connecting to our SSL secured
> Pages. I read the FAQs which said to disable EXP56, ....
There are special problem when using "upgrade" certificates (certificates
that are used to first open an "export" class connection, then switching to
full strength cryptography).
Do you have such a certificate?
> In many cases it helps that the clients disable SSLv3, sometimes not. I
> enabled the trace to see what's the output of OpenSSL:
>
> [18/Dec/2000 08:32:20 25088] [trace] OpenSSL: Exit: error in SSLv3 read
> client certificate A
> [18/Dec/2000 08:32:20 25088] [trace] OpenSSL: Exit: error in SSLv3 read
> client certificate A
> [18/Dec/2000 08:32:20 25088] [error] SSL handshake interrupted by system
> [Hint: Stop button pressed in browser?!] (System error foll
> ows)
> [18/Dec/2000 08:32:20 25088] [error] System: Connection reset by peer
> (errno: 104)
>
> In newsgroup postings this error message was often seen the last days where
> many answers where "The client stopped the STOP-Button" but forget that,
> this is a real connection problem!
The 'STOP-Button' hint is just a guess. Fact is, that it is the client
shutting down the connection for whatever reason.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
