Article delegate-en/2201 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A2190@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: Pb with delegate & sslway
05 Apr 2003 18:17:08 GMT feedback@delegate.org (Yutaka Sato)


On 03/31/03(21:20) you Florent Coste <pryeabdyi-t7hpjijobwxr.ml@ml.delegate.org> wrote
in <_A2190@delegate-en.ML_>
 |<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

Note that posting to feedback@delegate.org must be or at least should be
in plain text.  Posting in HTML will be highly likely to be rejected.

 |i use delegate to do http -> https reverse proxy, i launch delegate with 
 |
 |delegate.exe -v -P8888 SERVER=http FSV=sslway MOUNT="/* https://server/*"
 |ADMIN="xx@yy.."
 |
 |It worked with some version of Apache + OpenSSL, but with the following combination it does not
 |works :
 |
 |Apache/1.3.27 (Unix) Debian GNU/Linux mod_ssl/2.8.9 OpenSSL/0.9.6g 
 |Delegate  7.99 & 8.5 tested
 |
 |mod_ssl config is : (in httpd.conf)
 |
 |<VirtualHost 10.10.196.138:443>
 |DocumentRoot /var/www
 |SSLEngine on
 |SSLlog /var/log/apache/ssl_engine.log
 |SSLLogLevel warn
 |SSLProtocol all
 |SSLCipherSuite HIGH:MEDIUM
 |SSLCertificateFile /etc/apache/ssl.crt/server.crt
 |SSLCertificateKeyFile /etc/apache/ssl.key/server.key
 |</VirtualHost>
 |
 |I also tested with 
 |
 |SSLProtocol -all +SSLv2
 |SSLCipherSuite SSLv2:+HIGH:+MEDIUM:+LOW:+EXP
 |
 |to create a real SSLv2 only server
 |
 |The test is to make an http get on a http://server/page which is transformed in a
 |https://server/page on the apache
 |server.
 |
 |- for a brower which pass through delegate (http URL)
 |
 |0.10.169.114 - - [12/Mar/2003:16:40:19 +0000] "\x80L\x01\x03" 501 - "-" "-" 
 |10.10.169.114 - - [12/Mar/2003:16:41:23 +0000] "\x80L\x01\x03" 501 - "-" "-" 
 |
 |- for browser client which does not pass through delegate (https URL directly to apache)
 |
 |10.10.169.114 - - [13/Mar/2003:09:52:04 +0000] "GET / HTTP/1.1" 200 9314 "-" "Mozilla/4.0
 |(compatible; MSIE 5.5; Windows NT 5.0)" 

Could you show me the messages from SSLway with FSV="sslway -vd" which
should be like follows if without problems ?

 04/06 03:15:10.48 [26646] 1+1: -- Fork(FSV): 26641 -> 26646
 04/06 03:15:10.48 [26646] 1+1: #### execFilter[FSV] [/home/y.sato/delegate/lib/sslway]sslway -vd
 ## SSLway[26646](localhost) start
 ## SSLway[26646](localhost) connected
 ## SSLway[26646](localhost) server's cert. = **subject<</C=JP/ST=Ibaraki/L=Tsukuba/O=Electrotechnical Laboratory/OU=Computer Science Division/CN=Yutaka Sato/Email=ysato@etl.go.jp>> **issuer<</C=JP/ST=Ibaraki/L=Tsukuba/O=Electrotechnical Laboratory/OU=Computer Science Division/CN=Yutaka Sato/Email=ysato@etl.go.jp>>
 ## SSLway[26646](localhost) C-S: 87/87 -> 87/SSL
 ## SSLway[26646](localhost) S-C: 860/860 -> 860
 04/06 03:15:12.38 [26641] 1+1: Location: http://www.delegate.org/delegate/^M
 04/06 03:15:12.38 [26641] 1+1: #HT11 SERVER ver[HTTP/1.1] conn[close]
 04/06 03:15:12.38 [26641] 1+1: HTTP/1.1 302 Content-{Type:text/html Encoding:[/] Leng:517} Server:DeleGate/8.5.1
 ## SSLway[26646](localhost) done

Cheers,
Yutaka
--
  @ @ Yutaka Sato <y.sato@delegate.org> http://www.delegate.org/y.sato/
 ( - ) National Institute of Advanced Industrial Science and Technology (AIST)
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V