On Dec 6, 2007 7:26 PM, Shiva Subramanian <[EMAIL PROTECTED]> wrote: > hi there, > > recently I turned on the SSL_PROTOCOL & SSL_CIPHER on one of our > web server to gather some statistics on the SSL protocol & ciphers > being used. > > most of the entries have SSLv3, TLSv1, some SSLv2s here and there > and then there are these entries with only a "-" & "-" in place where > the SSL_PROTOCOL & SSL_CIPHER should be. > > for eg: > > XX.XX.83.98 - - [XX/XX/2007:13:31:27 -0500] SSLv3 RC4-MD5 "GET XX > HTTP/1.0" 404 363 "XX" "XX" > XX.XX.83.98 - - [XX/XX/2007:13:31:51 -0500] - - "GET /" 400 596 "-" "-" > XX.XX.83.98 - - [XX/XX/2007:13:32:21 -0500] - - "GET /" 400 596 "-" "-" > > my question is what does the "-" & "-" represent in the > SSL_PROTOCOL & SSL_CIPHER fields respectively. >
The hypen just represents a null variable. In this case, no SSL session was present. The request in the above example returned status code 400 for Bad Request. You can reproduce it by issuing a plain HTTP "GET /" to an HTTPS host. Regards,