Run this command line and try to connect to it. openssl s_server -accept 4443 -www -cert pathtocert -key pathtokey -state
1) Make sure to change "pathtocert" and "pathtokey" to the appropriate values, and for additional debug info add -debug... 2) Try to make sure you are using the same openssl that you compiled apache with It simply creates a weblike version of SSL on port 4433 WITHOUT apache that will print some debug info to the client.... feel free to "man s_server" to get info about the program At least this way, you will be able to find out if the problem is with SSL, or if it with (mod_ssl+apache) PS... please let me know as I am confronted with the EXACT problem you have, and have been for 3 years... even after a full Linux redhat upgrade to 7.2 (complete reformat, re-install) To date, I haven't found a machine that is afflicted with the problem that I can do this with :( ----- Original Message ----- From: "Christopher Taranto" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, January 17, 2002 11:10 PM Subject: RE: MSIE + "The page cannot be displayed" error > Hi, > > I have been trying to fix the known MSIE browser issues in my configuration > with some issues still occuring. > > I have read the FAQ, searched the archives, and implemented the solutions > that have been documented - but I am still getting the dreaded "The page > cannot be displayed" error when certain MSIE browsers attempt to connect to > my site. I get the infamous log entry: > > [Fri Jan 18 00:55:53 2002] [error] mod_ssl: SSL handshake interrupted by > system [Hint: Stop button pressed in browser?!] (System error follows) > [Fri Jan 18 00:55:53 2002] [error] System: Connection reset by peer > (errno: 104) > > Fortunately (for my sanity), I have one of non-working versions of the MSIE > browsers (5.00.2614.3500) on one of the machines in my office so I can > repeatedly create the errors. > > I am determined to squash this thing but I do not know where to go next. > > I have included the following information below: > > * SYSTEM INFORMATION > * CONFIGURATION INFORMATION > * BROWSER VERSION INFORMATION > * CERTIFICATE STATISTICS FROM THE BROWSER > > Any help or further direction would be greatly appreciated! > > Sincerely, > > Christopher Taranto > > > SYSTEM INFORMATION: > =================== > > I am running Red Hat 6.2 on a Pentinum III using: > > * mod_ssl-2.8.5-1.3.22 > * openssl-0.9.6b > * mm-1.1.3 > > > CONFIGURATION INFORMATION: > ========================== > > <IfModule mod_ssl.c> > > AddType application/x-x509-ca-cert .crt > AddType application/x-pkcs7-crl .crl > > SSLPassPhraseDialog builtin > > # I have also tried dbm but there was no difference > SSLSessionCache > shm:/usr/local/apache/logs/ssl_gcache_data(512000) > SSLSessionCacheTimeout 300 > > SSLMutex file:logs/ssl_mutex > > SSLRandomSeed startup builtin > SSLRandomSeed connect builtin > > SSLLog logs/ssl_engine_log > SSLLogLevel info > > </IfModule> > > <VirtualHost> > > <snip> > > SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP > > BrowserMatch "MSIE [1-4]" nokeepalive \ > ssl-unclean-shutdown \ > downgrade-1.0 \ > force-response-1.0 > > BrowserMatch "MSIE [5-9]" ssl-unclean-shutdown > > BrowserMatch "Mozilla/4..*PC)" nokeepalive \ > downgrade-1.0 \ > force-response-1.0 > > </snip> > > </VirtualHost> > > > BROWSER VERSION INFORMATION > =================================== > > MSIE 5.00.2614.3500 > Cipher Strength: 40-bit > > > CERTIFICATE STATS FROM THE BROWSER > =================================== > > My certificate was generated using 1024 bits. > > Version: V3 > Serial Number: 5A55 3FAD EB43 6649 7F8B 39BB 1D33 6DE1 > Signature Algorithm: md5RSA > Public Key: 3081 8902 8181 00BD D63A 500D 0FE0 CCA2 E7BB 804B 53DA E4CE > 9F51 3D54 93A3 5D2E FC0E E3E2 7046 1EFF 6826 BB30 B8DC 4903 9A32 345F E769 > 31D7 D313 6ECD 62BD 2CBE C070 AFD5 C1C8 9920 7442 5E44 2AED 7878 A566 DD3A > 3445 0612 919A 0B74 2F6A E806 080F C7E7 9C68 7FAC 51D3 4EA9 0BC3 ABAF 27D2 > 2C95 0A09 CD12 61B3 4DF2 0A88 1379 7552 5B1C D4CE 9F02 0301 0001 > Basic Constraints: Subject Type=End Entity > Path Length Constraint=None > Key Usage: Digital Signature, Key Encipherment(A0) > > [1]CRL Distribution Point > Distribution Point Name: > Full Name: > URL=http://crl.verisign.com/RSASecureServer.crl > > [1]Certificate Policy: > PolicyIdentifier=2.16.840.1.113733.1.7.1.1 > [1,1]Policy Qualifier Info: > Policy Qualifier Id=1.3.6.1.5.5.7.2.1 > Qualifier=161C 6874 7470 733A 2F2F 7777 772E 7665 7269 7369 676E > 2E63 6F6D 2F43 5053 > [1,2]Policy Qualifier Info: > Policy Qualifier Id=1.3.6.1.5.5.7.2.2 > Qualifier=3056 3015 160E 5665 7269 5369 676E 2C20 496E 632E 3003 > 0201 011A 3D56 6572 6953 6967 6E27 7320 4350 5320 696E 636F 7270 2E20 6279 > 2072 6566 6572 656E 6365 206C 6961 622E 206C 7464 2E20 2863 2939 3720 5665 > 7269 5369 676E > > Server Authentication(1.3.6.1.5.5.7.3.1) > Client Authentication(1.3.6.1.5.5.7.3.2) > > 2.16.840.1.113733.1.6.15: > 16 09 39 32 36 30 32 32 ..926022 > 34 32 37 427 > > Authority Information Access: [1]Authority Info Access > AccessMethod=On-line Certificate Status Protocol(1.3.6.1.5.5.7.48.1) > Alternative Name: > URL=http://ocsp.verisign.com > > Thumbprint Algorithm: sha1 > Thumbprint: CC1C DD7D BE05 C813 F119 813B 86E6 5717 5583 F981 > > > > > > > > ______________________________________________________________________ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
