Article delegate-en/692 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]

Newsgroups: mail-lists.delegate-en

[DeleGate-En] HTTPS to HTTP proxy and 128 bit encrypti
10 Feb 2000 16:33:44 GMT Horia Georgescu <pbyaabdyi-gztnjk3cfbnr.ml@ml.delegate.org>


Hi,

I'm using for quite a while, with total success and confidence, DeleGate   
for https to http proxying.
I had recently to change the expired certificate (made with SSLeay) and   
delegated is now accepting connections from only 128 bit capable   
browsers.
I probably didn't respect the original values (key length) I was using   
when creating the previous self signed certificate, but still, I'm not   
clear what is determining this behavior, and I would appreciate some   
suggestion.

Another question, related to the first, is how to provide an intelligible   
error message to browsers which are not capable of 128 bit encryption?   
How can be DeleGate customized to send back an error page stating the   
problem?

The browser (Netscape) is displaying the following message: "An I/O error   
occurred during security authorization. Please try your connection   
again."

While in the log this is what delegated says:

02/10 11:22:37.79 [27617] 329+0: (0) accepted [20]   
 -@[a.b.c.d]web.oasis.com:1503(0.005s)(1)
02/10 11:22:37.79 [27617] 329+0: PATH:   
https://-:443!web.oasis.com:443!web.oasis.com:1503!anonymous@web.oasis.com  
;9501
99757
## SSLway[27618](web.oasis.com) start
## SSLway[27618](web.oasis.com) accept failed
27618:error:1409B0AB:SSL routines:SSL3_SEND_SERVER_KEY_EXCHANGE:missing   
tmp rsakey:s3_srvr.c:926:
02/10 11:22:37.83 [27617] 329+0: disconnected [20]   
 -@[a.b.c.d]web.oasis.com:1503 (0.050s)(0)02


Your feedback is much appreciated,
Horia


 -----Original Message-----
From: Horia Georgescu
Sent: Wednesday, February 02, 2000 9:57 AM
To: 'delegate-en@smtpgate.etl.go.jp'
Subject: RE: not able to pass ftp requests through http proxy


Just had the idea to switch the web browser from ie5 to netscape. I was   
able to reach one of the unreachable before ftp sites.
I looks like it has something to do with the browser. If any more   
problems I'll post another message.
Thanks and regards,
Horia

 -----Original Message-----
From: Horia Georgescu
Sent: Wednesday, February 02, 2000 9:26 AM
To: 'delegate-en@smtpgate.etl.go.jp'
Subject: not able to pass ftp requests through http proxy


Hi,
my last questions were left without any echo, still I'm trying a new one:

This is the startup script i'm using for running a http proxy:
/usr/local/etc/delegated5.9.13 -vd -P199.199.199.199:8088 \
SERVER=http://-/-/ \
PERMIT="*:*:*" \
RELIABLE="*" \
REMITTABLE="http,https,gopher,ftp,wais" \
LOGDIR="/logs/delegate" \
ADMIN=nsa@oasis-technology..
~

from what I recall seing in some previous version a web browser   
attempting to open ftp://ftp.somesite.com was able to pass through   
delegate. Testing again this feature I'm getting request timeout and in   
delegated log there is no evidence of what is happening even if running   
with debug on.

Any hint, please?

Thanks,
Horia Georgescu
pbyaabdyi-gztnjk3cfbnr.ml@ml.delegate.org


  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V