Article delegate-en/3710 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A3709@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: Questions about SSLway
17 Apr 2007 17:16:44 GMT feedback@delegate.org (Yutaka Sato)
The DeleGate Project


Hi,

In message <_A3709@delegate-en.ML_> on 04/17/07(19:32:01)
you "Kwis Angelo" <phyhabdyi-t7hpjim6bwxr.ml@ml.delegate.org> wrote:
 |I have been running Delegate for the past few days.  However, there are some
 |instances where I cannot establish a session with the HTTPS site.  The
 |console logs show this error:
 |
 |5684:error:1406D044:SSL routines:GET_SERVER_HELLO:internal
 |error:s2_clnt.c:528
 |
 |Oftentimes, i need to restart Delegate so I can re-establish a session with
 |the HTTPS site once more.

Do you mean it succeeds SSL at the beginning till the error?
How oftern does it occur?

 |Also, according to the HTTPS Site guy, he does not see any request coming in
 |from Delegate...
 |
 |Can you help advise what this error mean?  Does this problem happen
 |regarding the client/server authentication phase?
 |
 |Here is how I start the process:
 |
 |./delegated -v -P$DELEDATE_LISTNER_PORT SERVER=http FSV="sslway -ssl2 -Vrfy
 |-CAfile pems/TrivnetCA.crt -cert pems/ggs-delegate.crt -key pems/ggs-
 |delegate.key -pass pass:1234 " MOUNT="/* $HTTPS_HOST_URL/*" RES_WAIT=0
 |DGROOT=/opt/gemalto/delegate951 &

You can see more detailed log of SSLway in the negotiation phase with
the following option:

  TLSCONF=-vd

And you can disable the SSL session cache of DeleGate with this:

  TLSCONF=scache:no

Cheers,
Yutaka
--
  9 9   Yutaka Sato <y.sato@delegate.org> http://delegate.org/y.sato/
 ( ~ )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V