Article delegate-en/822 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: SSLway on NT not working for me..
06 Jun 2000 04:21:49 GMT (Yutaka Sato)

On 06/02/00(00:04) you David Akdikmen <> wrote
in <_A820@delegate-en.ML_>
 |## SSLway[340](localhost) start## SSLway[340](localhost) accept failed
 |324:error:1407609A:SSL routines:SSL23_GET_CLIENT_HELLO:https proxy

This message shows your SSLway is working.
The problem is, as shown in the message, caused at SSLeay(0.9.0b)'s
source code "ssl/s23_srvr.c:326" which will be executed when a client
sends a "CONNECT ..." message in ASCII text on a SSL connection,
instead of expected binary CLIENT_HELLO message of SSL protocol.

 |I get this error from IE5 and Netscape 4.7 clients when I try to connect to
 |https://a_local_http_server/ using the DeleGate proxy.

Those clients seem to be sending "CONNECT ..." message because you
are specifying your DeleGate as a "HTTPS(security) proxy" of them.
So called "security proxy" is just a HTTP proxy server which talks
with clients in bare HTTP, then tunnels HTTPS protocol without any
SSL interpretation.

 |dg6_1_11.exe -p443 SERVER=https FCL=sslway MOUNT="/* http://a_http_server/*"

This DeleGate is running as an origin server which talks with
clients in HTTPS/SSL protocol.   Thus you can't use this DeleGate
as a "security proxy".

Yutaka Sato <>   @ @ 
Computer Science Division, Electrotechnical Laboratory      ( - )
1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan            _<   >_

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]