On Wed, 2007-12-19 at 12:31 -0500, Ben assis wrote:
> Hi, On an imac intel dual core, I recently migrated to Leopard from
> Tiger 10.4.10. On my Tiger client I had installed my own web server
> using openssl and mod_ssl with Apache 1.3 server; https was working
> fine. On Leopard with apache 2.2.6 and OpenSSL 0.9.7, configuration
> files have significantly changed; so, I cannot set my own web server
> to work with openssl under https protocol. Here are relevant
> information about my settings and error messages : When I comment out
> this line in my http.conf :
> Include /private/etc/apache2/extra/httpd-ssl.conf
> I get this error message in my Console and apache doesn't restart :
> 07-12-12 10:41:00 org.apache.httpd[48677] Syntax error on line 60 of /private/etc/apache2/extra/httpd-ssl.conf:
> 07-12-12 10:41:00 org.apache.httpd[48677] Invalid command 'SSLPassPhraseDialog', perhaps misspelled or defined by a module not included in the server configuration
> So, I comment line 60 in httpd-ssl.conf like this :
> #SSLPassPhraseDialog builtin
> After an 'apachectl restart', apache doesn't restart and I receive this
> new error message in my console log:
> 07-12-12 10:44:04 org.apache.httpd[48720] Syntax error on line 66 of /private/etc/apache2/extra/httpd-ssl.conf:
> 07-12-12 10:44:04 org.apache.httpd[48720] Invalid command 'SSLSessionCache', perhaps misspelled or defined by a module not included in the server configuration
> and so on with the next directives... There is no other module or file
> which could interfere with my two conf files and I would be surprised
> that original conf files contain such a number of syntax errors ! 
> 
> Other relevant information :
> 
> 
> - In httpd-vhosts.conf I have declared 2 virtual hosts which work
> fine without httpd-ssl.conf.
> - Phpinfo() tells me that openssl 0.97l is enabled (I do not see any
> enabled mod_ssl module)
> - As my ISP blocks my port 443, I use port 8080.
> - If I send this command in a terminal window :
> 
>  
> bash-3.2# openssl s_client -connect localhost:8083 -state -debug
> - I receive :
> 
>  
> CONNECTED(00000003)
> SSL_connect:before/connect initialization
> write to 0040BD60 [00139000] (118 bytes => 118 (0x76))
> 0000 - 80 74 01 03 01 00 4b 00-00 00 20 00 00 39 00 00   .t....K... ..9..
> 0010 - 38 00 00 35 00 00 16 00-00 13 00 00 0a 07 00 c0   8..5............
> 0020 - 00 00 33 00 00 32 00 00-2f 03 00 80 00 00 05 00   ..3..2../.......
> 0030 - 00 04 01 00 80 00 00 15-00 00 12 00 00 09 06 00   ................
> 0040 - 40 00 00 14 00 00 11 00-00 08 00 00 06 04 00 80   @...............
> 0050 - 00 00 03 02 00 80 ad fc-38 5b aa e4 8a c8 16 6f   ........8[.....o
> 0060 - 85 6e 96 be ca 41 2f ef-51 1d f1 17 a2 7b f1 d3   .n...A/.Q....{..
> 0070 - 7e 9f 21 18 cc 7b                                 ~.!..{
> SSL_connect:SSLv2/v3 write client hello A
> read from 0040BD60 [0013F000] (7 bytes => 7 (0x7))
> 0000 - 3c 21 44 4f 43 54 59                              <!DOCTY
> SSL_connect:error in SSLv2/v3 read server hello A
> 1721:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:601:
You are not talking SSL on server side, your server_hello packet should
start with 0x16 ... but you get 3c 21 ... which is plain text protocol.

Best regards,
-- 
Marek Marcola <[EMAIL PROTECTED]>

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
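
The check made in the reply above, as an added example that is not part of the original thread: it extracts the first `read from` hex dump from `openssl s_client -debug` output and classifies the server's reply by its leading bytes. The function names and category labels are this example's own, and the second sample dump is constructed.

```python
import re

DUMP_LINE = re.compile(r"^[0-9a-f]{4} - ")
# Record-layer content types that can open an SSLv3/TLS record.
TLS_CONTENT_TYPES = {0x14: "change_cipher_spec", 0x15: "alert",
                     0x16: "handshake", 0x17: "application_data"}

def first_read_bytes(debug_output: str) -> bytes:
    """Bytes of the first 'read from' hex dump in `s_client -debug` output."""
    data, in_read = bytearray(), False
    for line in debug_output.splitlines():
        line = line.strip()
        if not in_read:
            in_read = line.startswith("read from")
        elif DUMP_LINE.match(line):
            # Columns 7..54 hold up to 16 hex pairs; the ASCII column follows.
            pairs = re.findall(r"[0-9a-f]{2}", line[7:55])
            data += bytes.fromhex("".join(pairs))
        else:
            break  # end of the first dump
    return bytes(data)

def classify_server_reply(data: bytes) -> str:
    """Label a server's first reply bytes (labels are this example's own)."""
    if not data:
        return "empty"
    if len(data) >= 3 and data[0] in TLS_CONTENT_TYPES and data[1] == 0x03:
        return "tls-" + TLS_CONTENT_TYPES[data[0]]   # 0x16 0x03 .. = handshake
    if len(data) >= 3 and data[0] & 0x80 and data[2] == 0x04:
        return "sslv2-server-hello"                  # 2-byte header, msg type 4
    if data[:5].upper() == b"HTTP/" or data.lstrip()[:1] == b"<":
        return "plaintext-http"                      # HTTP status line or HTML
    return "unknown"

# Excerpt of the s_client output quoted in the thread above.
THREAD_OUTPUT = """\
SSL_connect:SSLv2/v3 write client hello A
read from 0040BD60 [0013F000] (7 bytes => 7 (0x7))
0000 - 3c 21 44 4f 43 54 59                              <!DOCTY
SSL_connect:error in SSLv2/v3 read server hello A
"""
# Constructed sample: a dump as it looks when the port does answer with TLS.
CONSTRUCTED_TLS = """\
read from 0040BD60 [0013F000] (7 bytes => 7 (0x7))
0000 - 16 03 01 00 4a 02 00                              ....J..
"""

if __name__ == "__main__":
    for text in (THREAD_OUTPUT, CONSTRUCTED_TLS):
        print(classify_server_reply(first_read_bytes(text)))
```

A `plaintext-http` result on a port that is supposed to serve https means the listener has no SSL engine attached to it, which matches the `Invalid command 'SSLPassPhraseDialog'` errors reported in the question.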
