trafficserver-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From James Peach <jpe...@apache.org>
Subject Re: Apache Traffic Server ver 3.2.4 https setup failing
Date Wed, 19 Jun 2013 17:26:27 GMT
On Jun 19, 2013, at 10:18 AM, Dave G Gmail Main <davmgingras@gmail.com> wrote:

> Hi I installed ATS Version 3.2.4 on Ubuntu version 12
>  
> Configure for http like this :
>  
> records.config
>  
> CONFIG proxy.config.proxy_name STRING proxy01.DomainName.local
>  
> CONFIG proxy.config.http.server_ports STRING 80
>  
> CONFIG proxy.config.http.connect_ports STRING 443 563
>  
> CONFIG proxy.config.reverse_proxy.enabled INT 0
>  
> CONFIG proxy.config.url_remap.remap_required INT 0
>  
> remap.config
>  
> map http://SomeDNSName.abc.xyz.com/ http://TheRealWebServer.SubDomainName.DomainName.local:8090
>  
> start traffic server
>  
> Everything works great a get.
>  
> I put this in my browser address:
> http://SomeDNSName.abc.xyz.com/
>  
> And I get the results I expect.
>  
>  
>  
> But when I configure it to do https, this is when I get errors like  “ssl connection
error” in the browser. But I know my certs and key are good as I used them in ATS Version
3.0.4 and they worked fine.

Dave,

This config looks reasonable. There is a 'ssl' diagnostic tag which will log debug information
about the certificate loading and selection processes.

Additionally, 'curl -v' will show you the SSL certificate that is actually served. Can you
post the output of that?

J


>  
> Here is my config for https :
>  
> records.config
>  
> CONFIG proxy.config.proxy_name STRING proxy01.DomainName.local
>  
> CONFIG proxy.config.http.server_ports STRING 443
>  
> CONFIG proxy.config.http.connect_ports STRING 443 563
>  
> CONFIG proxy.config.reverse_proxy.enabled INT 0
>  
> CONFIG proxy.config.url_remap.remap_required INT 0
>  
> CONFIG proxy.config.ssl.server.cert_chain.filename STRING abc.xyz.com.crt
>  
> CONFIG proxy.config.ssl.server.cert.path STRING etc/trafficserver
>  
> CONFIG proxy.config.ssl.server.private_key.path STRING etc/trafficserver
>  
>  
>  
> remap.config
>  
> map https://SomeDNSName.abc.xyz.com/ http://TheRealWebServer.SubDomainName.DomainName.local:8090
>  
> ssl_multicert.config
>  
> dest_ip=*       ssl_cert_name=abc.xyz.com.crt ssl_key_name=abc.xyz.com.key
>  
> start traffic server
>  
> It fails to load the page.
>  
> Error.log has these errors
>  
> 0130619.12h59m46s BODY_FACTORY: using hardcoded default 'connect#dns_failed' body for
url 'http://?%?☺7???RE?a?U!????bE???'
> 0130619.12h59m46s RESPONSE: sent xxx.xxx.xxx.xxx status 502 (Cannot find server.) for
'http://?%?☺7???RE?a?U!????bE???'
> 0130619.12h59m46s BODY_FACTORY: using hardcoded default 'request#syntax_error' body for
url '/'
> 0130619.12h59m46s RESPONSE: sent xxx.xxx.xxx.xxx status 400 (Invalid HTTP Request) for
'/'
> 0130619.12h59m46s BODY_FACTORY: using hardcoded default 'connect#dns_failed' body for
url 'http://??s'
> 0130619.12h59m46s RESPONSE: sent xxx.xxx.xxx.xxx status 502 (Cannot find server.) for
'http://??s'
> 0130619.12h59m49s BODY_FACTORY: using hardcoded default 'request#syntax_error' body for
url '/'
> 0130619.12h59m49s RESPONSE: sent xxx.xxx.xxx.xxx status 400 (Invalid HTTP Request) for
'/'
> 0130619.12h59m49s BODY_FACTORY: using hardcoded default 'request#syntax_error' body for
url '/'
> 0130619.12h59m49s RESPONSE: sent xxx.xxx.xxx.xxx status 400 (Invalid HTTP Request) for
'/'
> 0130619.12h59m49s BODY_FACTORY: using hardcoded default 'request#syntax_error' body for
url '/'
> 0130619.12h59m49s RESPONSE: sent xxx.xxx.xxx.xxx status 400 (Invalid HTTP Request) for
'/'
>  
>  
>  
> Any help would be appreciated.
>  
> Let me know if you need more info to help.
>  
> Dave


Mime
View raw message