trafficserver-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jean Baptiste Favre <webmas...@jbfavre.org>
Subject Re: ATS & SSL termination
Date Thu, 10 Oct 2013 08:31:18 GMT
Hello,
I thought curl did actually sent SSL, but it seems it's not because I
don't see any SSL Handshake in curl output :-/

I guess curl tries to use HTTP tunnel even if I specify a HTTPS proxy
with export https_proxy="https://my_proxy:443/" or using commandline
option -x/--proxy with same value.

Will dig into it,
Regards,
Jean-Baptiste

On 09/10/2013 19:48, James Peach wrote:
> On Oct 9, 2013, at 9:25 AM, Jean Baptiste Favre <webmaster@jbfavre.org> wrote:
> 
>> Hello James,
>> Thanks for your quick reply.
>>
>> I added following line into ssl_multicert.config:
>> dest_ip=* ssl_cert_name=cert.pem ssl_key_name=key.pem
>>
>> Then run /usr/bin/traffic_server -T ssl and get these logs when
>> launching curl command:
>>
>> Server {0x7ffebb655700} DEBUG: (ssl) [SSLNextProtocolAccept:mainEvent]
>> event 202 netvc 0x22574d0
>> Server {0x7ffebb655700} DEBUG: (ssl) IP context is (nil), default
>> context 0x7ffebc0a5170
>> Server {0x7ffebb655700} DEBUG: (ssl)
>> SSLNetVConnection::sslServerHandShakeEvent, error
>> Server {0x7ffebb655700} ERROR: SSL ERROR: SSL_ServerHandShake.
>> Server {0x7ffebb655700} ERROR: SSL::5:error:1407609B:SSL
>> routines:SSL23_GET_CLIENT_HELLO:https proxy request:s23_srvr.c:423:
>> Server {0x7ffebb655700} DEBUG: (ssl)
>> SSLNetVConnection::sslServerHandShakeEvent, error
>> Server {0x7ffebb655700} ERROR: SSL ERROR: SSL_ServerHandShake.
>> Server {0x7ffebb655700} ERROR: SSL::5:error:1407609B:SSL
>> routines:SSL23_GET_CLIENT_HELLO:https proxy request:s23_srvr.c:423:
>>
>> Will continue debugging tomorrow,
> 
> Are you positive that the curl command you are using is actually sending SSL, rather
than HTTP?
> 
>>
>> Regards,
>> Jean-Baptiste


Mime
View raw message