HTTPS Problem

Alles, was den Apache betrifft, kann hier besprochen werden.

HTTPS Problem

Postby clumsy » 24. November 2009 23:25

Hallo,

also habe seit einer Woche folgendes Problem.

Ich versuche auf eine https Seite zuzugreifen und habe jetzt keinen Zugang mehr. Alle User haben keinen Zugang mehr.
Plötzlich kam diese Meldung als ich das Benutzerdaten Dialogfenster abgebrochen geklickt habe:

Authorization Required

This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.


Ich wäre für den kleinsten Hinweis was das betrifft sehr sehr dankbar!!!!

Vielleicht könnt ihr aus folgendem error.log etwas erkennen.

Code: Select all
[Mon Nov 16 19:40:09 2009] [debug] mod_authnz_ldap.c(730): [client XX.XXX.XX.XXX] [29040] auth_ldap authorise: require group: authorisation successful (attri
bute memberUid) [Comparison true (cached)][Compare True], referer: https://IPAdresse/seite.php
[Mon Nov 16 19:40:23 2009] [debug] ssl_engine_io.c(1828): OpenSSL: I/O error, 5 bytes expected to read on BIO#87e7cc0 [mem: 87ef510]
[Mon Nov 16 19:40:23 2009] [info] [client XX.XXX.XX.XXX] (70007)The timeout specified has expired: SSL input filter read failed.
[Mon Nov 16 19:40:23 2009] [debug] ssl_engine_kernel.c(1770): OpenSSL: Write: SSL negotiation finished successfully
[Mon Nov 16 19:40:23 2009] [info] [client XX.XXX.XX.XXX] Connection closed to child 4 with standard shutdown (server subdomain.webseite.com)
[Mon Nov 16 19:40:23 2009] [debug] ssl_engine_io.c(1828): OpenSSL: I/O error, 5 bytes expected to read on BIO#87cfd00 [mem: 87d5378]
[Mon Nov 16 19:40:23 2009] [info] [client XX.XXX.XX.XXX] (70007)The timeout specified has expired: SSL input filter read failed.
[Mon Nov 16 19:40:23 2009] [debug] ssl_engine_kernel.c(1770): OpenSSL: Write: SSL negotiation finished successfully
[Mon Nov 16 19:40:23 2009] [info] [client XX.XXX.XX.XXX] Connection closed to child 3 with standard shutdown (server subdomain.webseite.com)
[Mon Nov 16 19:40:23 2009] [debug] ssl_engine_io.c(1828): OpenSSL: I/O error, 5 bytes expected to read on BIO#87c9570 [mem: 87f0de8]
[Mon Nov 16 19:40:23 2009] [info] [client XX.XXX.XX.XXX] (70007)The timeout specified has expired: SSL input filter read failed.
[Mon Nov 16 19:40:23 2009] [debug] ssl_engine_kernel.c(1770): OpenSSL: Write: SSL negotiation finished successfully
[Mon Nov 16 19:40:23 2009] [info] [client XX.XXX.XX.XXX] Connection closed to child 7 with standard shutdown (server subdomain.webseite.com)
[Mon Nov 16 19:40:23 2009] [debug] ssl_engine_io.c(1828): OpenSSL: I/O error, 5 bytes expected to read on BIO#87e1020 [mem: 87cf878]
[Mon Nov 16 19:40:23 2009] [info] [client XX.XXX.XX.XXX] (70007)The timeout specified has expired: SSL input filter read failed.
[Mon Nov 16 19:40:23 2009] [debug] ssl_engine_kernel.c(1770): OpenSSL: Write: SSL negotiation finished successfully
[Mon Nov 16 19:40:23 2009] [info] [client XX.XXX.XX.XXX] Connection closed to child 5 with standard shutdown (server subdomain.webseite.com)
[Mon Nov 16 19:40:24 2009] [debug] ssl_engine_io.c(1828): OpenSSL: I/O error, 5 bytes expected to read on BIO#8864a20 [mem: 88687b8]
[Mon Nov 16 19:40:24 2009] [info] [client XX.XXX.XX.XXX] (70007)The timeout specified has expired: SSL input filter read failed.
[Mon Nov 16 19:40:24 2009] [debug] ssl_engine_kernel.c(1770): OpenSSL: Write: SSL negotiation finished successfully
[Mon Nov 16 19:40:24 2009] [info] [client XX.XXX.XX.XXX] Connection closed to child 2 with standard shutdown (server subdomain.webseite.com)
[Mon Nov 16 19:40:24 2009] [debug] ssl_engine_io.c(1828): OpenSSL: I/O error, 5 bytes expected to read on BIO#87d8428 [mem: 886ca50]
[Mon Nov 16 19:40:24 2009] [info] [client XX.XXX.XX.XXX] (70007)The timeout specified has expired: SSL input filter read failed.
[Mon Nov 16 19:40:24 2009] [debug] ssl_engine_kernel.c(1770): OpenSSL: Write: SSL negotiation finished successfully
[Mon Nov 16 19:40:24 2009] [info] [client XX.XXX.XX.XXX] Connection closed to child 9 with standard shutdown (server subdomain.webseite.com)
[Mon Nov 16 19:40:26 2009] [info] [client ::1] Connection to child 10 established (server subdomain.webseite.com)
[Mon Nov 16 19:40:26 2009] [info] Seeding PRNG with 648 bytes of entropy
[Mon Nov 16 19:40:26 2009] [debug] ssl_engine_kernel.c(1752): OpenSSL: Handshake: start
[Mon Nov 16 19:40:26 2009] [debug] ssl_engine_kernel.c(1760): OpenSSL: Loop: before/accept initialization
[Mon Nov 16 19:40:26 2009] [debug] ssl_engine_io.c(1817): OpenSSL: read 11/11 bytes from BIO#87e93f8 [mem: 886dc10] (BIO dump follows)

[Mon Nov 16 19:40:26 2009] [debug] ssl_engine_io.c(1750): +-------------------------------------------------------------------------+
[Mon Nov 16 19:40:26 2009] [debug] ssl_engine_io.c(1789): | 0000: 4f 50 54 49 4f 4e 53 20-2a 20 48                 OPTIONS * H      |
[Mon Nov 16 19:40:26 2009] [debug] ssl_engine_io.c(1795): +-------------------------------------------------------------------------+
[Mon Nov 16 19:40:26 2009] [debug] ssl_engine_kernel.c(1789): OpenSSL: Exit: error in SSLv2/v3 read client hello A
[Mon Nov 16 19:40:26 2009] [info] [client ::1] SSL library error 1 in handshake (server subdomain.webseite.com)
[Mon Nov 16 19:40:26 2009] [info] SSL Library Error: 336027900 error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol speaking not SSL to HTTPS
port!?
[Mon Nov 16 19:40:26 2009] [info] [client ::1] Connection closed to child 10 with abortive shutdown (server subdomain.webseite.com)
[Mon Nov 16 20:15:19 2009] [info] [client ::1] Connection to child 2 established (server subdomain.webseite.com)
[Mon Nov 16 20:15:19 2009] [info] Seeding PRNG with 648 bytes of entropy
[Mon Nov 16 20:15:19 2009] [debug] ssl_engine_kernel.c(1752): OpenSSL: Handshake: start
[Mon Nov 16 20:15:19 2009] [debug] ssl_engine_kernel.c(1760): OpenSSL: Loop: before/accept initialization
[Mon Nov 16 20:15:19 2009] [debug] ssl_engine_io.c(1817): OpenSSL: read 11/11 bytes from BIO#87d8228 [mem: 88687b8] (BIO dump follows)
[Mon Nov 16 20:15:19 2009] [debug] ssl_engine_io.c(1750): +-------------------------------------------------------------------------+
[Mon Nov 16 20:15:19 2009] [debug] ssl_engine_io.c(1789): | 0000: 4f 50 54 49 4f 4e 53 20-2a 20 48                 OPTIONS * H      |
[Mon Nov 16 20:15:19 2009] [debug] ssl_engine_io.c(1795): +-------------------------------------------------------------------------+
[Mon Nov 16 20:15:19 2009] [debug] ssl_engine_kernel.c(1789): OpenSSL: Exit: error in SSLv2/v3 read client hello A
[Mon Nov 16 20:15:19 2009] [info] [client ::1] SSL library error 1 in handshake (server subdomain.webseite.com)
[Mon Nov 16 20:15:19 2009] [info] SSL Library Error: 336027900 error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol speaking not SSL to HTTPS
port!?
[Mon Nov 16 20:15:19 2009] [info] [client ::1] Connection closed to child 2 with abortive shutdown (server subdomain.webseite.com)
[Mon Nov 16 20:16:22 2009] [info] [client ::1] Connection to child 6 established (server subdomain.webseite.com)
[Mon Nov 16 20:16:22 2009] [info] Seeding PRNG with 648 bytes of entropy
[Mon Nov 16 20:16:22 2009] [debug] ssl_engine_kernel.c(1752): OpenSSL: Handshake: start
[Mon Nov 16 20:16:22 2009] [debug] ssl_engine_kernel.c(1760): OpenSSL: Loop: before/accept initialization
[Mon Nov 16 20:16:22 2009] [debug] ssl_engine_io.c(1817): OpenSSL: read 11/11 bytes from BIO#87f49f0 [mem: 87e6068] (BIO dump follows)
[Mon Nov 16 20:16:22 2009] [debug] ssl_engine_io.c(1750): +-------------------------------------------------------------------------+
[Mon Nov 16 20:16:22 2009] [debug] ssl_engine_io.c(1789): | 0000: 4f 50 54 49 4f 4e 53 20-2a 20 48                 OPTIONS * H      |
[Mon Nov 16 20:16:22 2009] [debug] ssl_engine_io.c(1795): +-------------------------------------------------------------------------+
[Mon Nov 16 20:16:22 2009] [debug] ssl_engine_kernel.c(1789): OpenSSL: Exit: error in SSLv2/v3 read client hello A
[Mon Nov 16 20:16:22 2009] [info] [client ::1] SSL library error 1 in handshake (server subdomain.webseite.com)
[Mon Nov 16 20:16:22 2009] [info] SSL Library Error: 336027900 error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol speaking not SSL to HTTPS
port!?
[Mon Nov 16 20:16:22 2009] [info] [client ::1] Connection closed to child 6 with abortive shutdown (server subdomain.webseite.com)
[Mon Nov 16 20:17:16 2009] [info] [client ::1] Connection to child 9 established (server subdomain.webseite.com)
[Mon Nov 16 20:17:16 2009] [info] Seeding PRNG with 648 bytes of entropy
[Mon Nov 16 20:17:16 2009] [debug] ssl_engine_kernel.c(1752): OpenSSL: Handshake: start
[Mon Nov 16 20:17:16 2009] [debug] ssl_engine_kernel.c(1760): OpenSSL: Loop: before/accept initialization
[Mon Nov 16 20:17:16 2009] [debug] ssl_engine_io.c(1817): OpenSSL: read 11/11 bytes from BIO#87c3cd0 [mem: 886ca50] (BIO dump follows)
[Mon Nov 16 20:17:16 2009] [debug] ssl_engine_io.c(1750): +-------------------------------------------------------------------------+
[Mon Nov 16 20:17:16 2009] [debug] ssl_engine_io.c(1789): | 0000: 4f 50 54 49 4f 4e 53 20-2a 20 48                 OPTIONS * H      |
[Mon Nov 16 20:17:16 2009] [debug] ssl_engine_io.c(1795): +-------------------------------------------------------------------------+
[Mon Nov 16 20:17:16 2009] [debug] ssl_engine_kernel.c(1789): OpenSSL: Exit: error in SSLv2/v3 read client hello A
[Mon Nov 16 20:17:16 2009] [info] [client ::1] SSL library error 1 in handshake (server subdomain.webseite.com)
[Mon Nov 16 20:17:16 2009] [info] SSL Library Error: 336027900 error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol speaking not SSL to HTTPS
port!?
[Mon Nov 16 20:17:16 2009] [info] [client ::1] Connection closed to child 9 with abortive shutdown (server subdomain.webseite.com)
[Mon Nov 16 20:41:59 2009] [info] [client XX.XXX.XX.XXX] Connection to child 3 established (server subdomain.webseite.com)
[Mon Nov 16 20:41:59 2009] [info] Seeding PRNG with 648 bytes of entropy
[Mon Nov 16 20:41:59 2009] [debug] ssl_engine_kernel.c(1752): OpenSSL: Handshake: start
[Mon Nov 16 20:41:59 2009] [debug] ssl_engine_kernel.c(1760): OpenSSL: Loop: before/accept initialization
[Mon Nov 16 20:41:59 2009] [debug] ssl_engine_io.c(1817): OpenSSL: read 11/11 bytes from BIO#87cfd00 [mem: 886ea88] (BIO dump follows)
[Mon Nov 16 20:41:59 2009] [debug] ssl_engine_io.c(1750): +-------------------------------------------------------------------------+
[Mon Nov 16 20:41:59 2009] [debug] ssl_engine_io.c(1789): | 0000: 16 03 01 05 47 01 00 05-43 03 01                 ....G...C..      |
[Mon Nov 16 20:41:59 2009] [debug] ssl_engine_io.c(1795): +-------------------------------------------------------------------------+
[Mon Nov 16 20:41:59 2009] [debug] ssl_engine_io.c(1817): OpenSSL: read 1345/1345 bytes from BIO#87cfd00 [mem: 886ea93] (BIO dump follows)
[Mon Nov 16 20:41:59 2009] [debug] ssl_engine_io.c(1750): +-------------------------------------------------------------------------+

GANZ LANGER SSL SCHLüSSEL

[Mon Nov 16 20:41:59 2009] [debug] ssl_engine_io.c(1795): +-------------------------------------------------------------------------+
[Mon Nov 16 20:41:59 2009] [debug] ssl_engine_kernel.c(1760): OpenSSL: Loop: SSLv3 read client hello A
[Mon Nov 16 20:41:59 2009] [debug] ssl_engine_kernel.c(1760): OpenSSL: Loop: SSLv3 write server hello A
[Mon Nov 16 20:41:59 2009] [debug] ssl_engine_kernel.c(1760): OpenSSL: Loop: SSLv3 write certificate A
[Mon Nov 16 20:41:59 2009] [debug] ssl_engine_kernel.c(1143): [client XX.XXX.XX.XXX] handing out temporary 1024 bit DH key
[Mon Nov 16 20:41:59 2009] [debug] ssl_engine_kernel.c(1760): OpenSSL: Loop: SSLv3 write key exchange A
[Mon Nov 16 20:41:59 2009] [debug] ssl_engine_kernel.c(1760): OpenSSL: Loop: SSLv3 write certificate request A
[Mon Nov 16 20:41:59 2009] [debug] ssl_engine_kernel.c(1760): OpenSSL: Loop: SSLv3 flush data
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_io.c(1817): OpenSSL: read 5/5 bytes from BIO#87cfd00 [mem: 886ea88] (BIO dump follows)
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_io.c(1750): +-------------------------------------------------------------------------+
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_io.c(1789): | 0000: 16 03 01 05 73                                   ....s            |
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_io.c(1795): +-------------------------------------------------------------------------+
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_io.c(1817): OpenSSL: read 1395/1395 bytes from BIO#87cfd00 [mem: 886ea8d] (BIO dump follows)
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_io.c(1750): +-------------------------------------------------------------------------+

GANZ LANGER SSL SCHLüSSEL

[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_io.c(1795): +-------------------------------------------------------------------------+
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_kernel.c(1190): Certificate Verification: depth: 1, subject: /C=DE/ST=sonstwo/L=sonstwo/CN=subdomain.domain.com, i
ssuer: /C=DE/ST=sonstwo/L=sonstwo/CN=subdomain.domain.com
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_kernel.c(1382): CA CRL: Issuer: C=DE, ST=sonstwo, L=sonstwo, CN=subdomain.domain.com, lastUpdate: Jan 26 15:40:19
2009 GMT, nextUpdate: Jan 24 15:40:19 2019 GMT
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_kernel.c(1190): Certificate Verification: depth: 0, subject: /C=DE/O=irgenteine/CN=tabelle, issuer:
 /C=DE/ST=sonstwo/L=sonstwo/CN=subdomain.domain.com
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_kernel.c(1760): OpenSSL: Loop: SSLv3 read client certificate A
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_kernel.c(1760): OpenSSL: Loop: SSLv3 read client key exchange A
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_kernel.c(1760): OpenSSL: Loop: SSLv3 read certificate verify A
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_io.c(1817): OpenSSL: read 5/5 bytes from BIO#87cfd00 [mem: 886ea88] (BIO dump follows)
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_io.c(1750): +-------------------------------------------------------------------------+
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_io.c(1789): | 0000: 14 03 01 00 01                                   .....            |
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_io.c(1795): +-------------------------------------------------------------------------+
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_io.c(1817): OpenSSL: read 1/1 bytes from BIO#87cfd00 [mem: 886ea8d] (BIO dump follows)
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_io.c(1750): +-------------------------------------------------------------------------+
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_io.c(1789): | 0000: 01                                               .                |
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_io.c(1795): +-------------------------------------------------------------------------+
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_io.c(1817): OpenSSL: read 5/5 bytes from BIO#87cfd00 [mem: 886ea88] (BIO dump follows)
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_io.c(1750): +-------------------------------------------------------------------------+
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_io.c(1789): | 0000: 16 03 01 00 30                                   ....0            |
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_io.c(1795): +-------------------------------------------------------------------------+
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_io.c(1817): OpenSSL: read 48/48 bytes from BIO#87cfd00 [mem: 886ea8d] (BIO dump follows)
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_io.c(1750): +-------------------------------------------------------------------------+
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_io.c(1789): | 0000: c7 c2 7c fb 92 ce 23 94-94 fe 61 1d 39 f7 a2 51  ..|...#...a.9..Q |
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_io.c(1789): | 0010: a2 9a a2 75 73 c4 24 f9-50 6a f3 ec f9 d6 91 7b  ...us.$.Pj.....{ |
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_io.c(1789): | 0020: b1 23 e8 8a 77 11 fe e9-85 c2 fe cd 5d 62 2a e6  .#..w.......]b*. |
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_io.c(1795): +-------------------------------------------------------------------------+
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_kernel.c(1760): OpenSSL: Loop: SSLv3 read finished A
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_kernel.c(1760): OpenSSL: Loop: SSLv3 write change cipher spec A
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_kernel.c(1760): OpenSSL: Loop: SSLv3 write finished A
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_kernel.c(1760): OpenSSL: Loop: SSLv3 flush data
[Mon Nov 16 20:42:01 2009] [debug] ssl_scache_shmcb.c(679): inside shmcb_store_session
[Mon Nov 16 20:42:01 2009] [debug] ssl_scache_shmcb.c(685): session_id[0]=219, masked seite=27
[Mon Nov 16 20:42:01 2009] [debug] ssl_scache_shmcb.c(1068): entering shmcb_insert_encoded_session, *queue->pos_count = 0
[Mon Nov 16 20:42:01 2009] [debug] ssl_scache_shmcb.c(992): entering shmcb_expire_division
[Mon Nov 16 20:42:01 2009] [debug] ssl_scache_shmcb.c(1124): we have 14386 bytes and 133 seitees free - enough
[Mon Nov 16 20:42:01 2009] [debug] ssl_scache_shmcb.c(1153): storing in seite 0, at offset 0
[Mon Nov 16 20:42:01 2009] [debug] ssl_scache_shmcb.c(1168): session_id[0]=219, idx->s_id2=21
[Mon Nov 16 20:42:01 2009] [debug] ssl_scache_shmcb.c(1179): leaving now with 1142 bytes in the cache and 1 seitees
[Mon Nov 16 20:42:01 2009] [debug] ssl_scache_shmcb.c(1183): leaving shmcb_insert_encoded_session
[Mon Nov 16 20:42:01 2009] [debug] ssl_scache_shmcb.c(713): leaving shmcb_store successfully
[Mon Nov 16 20:42:01 2009] [debug] ssl_scache_shmcb.c(427): shmcb_store successful
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_kernel.c(1598): Inter-Process Session Cache: request=SET status=OK id=DB155BD34DAAF2A9823EA2DC277ACE17A3ECF335A
8A775A3B7DC264E3665C140 timeout=298s (session caching)
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_kernel.c(1756): OpenSSL: Handshake: done
[Mon Nov 16 20:42:01 2009] [info] Connection: Client IP: XX.XXX.XX.XXX, Protocol: TLSv1, Cipher: DHE-RSA-AES256-SHA (256/256 bits)
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_io.c(1817): OpenSSL: read 5/5 bytes from BIO#87cfd00 [mem: 886ea88] (BIO dump follows)
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_io.c(1750): +-------------------------------------------------------------------------+
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_io.c(1789): | 0000: 17 03 01 03 40                                   ....@            |
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_io.c(1795): +-------------------------------------------------------------------------+
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_io.c(1817): OpenSSL: read 832/832 bytes from BIO#87cfd00 [mem: 886ea8d] (BIO dump follows)
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_io.c(1750): +-------------------------------------------------------------------------+

GANZ LANGER SSL SCHLüSSEL

[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_io.c(1795): +-------------------------------------------------------------------------+
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_io.c(1789): | 0330: 63 47 38 b6 39 2c 1f 32-5f a4 63 83 52 93 1f a6  cG8.9,.2_.c.R... |
[Mon Nov 16 20:42:01 2009] [debug] ssl_engine_io.c(1795): +-------------------------------------------------------------------------+
[Mon Nov 16 20:42:01 2009] [info] Initial (No.1) HTTPS request received for child 3 (server subdomain.webseite.com)
[Mon Nov 16 20:42:01 2009] [debug] mod_authnz_ldap.c(377): [client XX.XXX.XX.XXX] [31076] auth_ldap authenticate: using URL ldap://IPDES LDAPSERVER/dc=domain
,dc=com?uid?sub?(objectClass=*), referer: https://IPADRESSE.seite.php
[Mon Nov 16 20:42:01 2009] [warn] [client XX.XXX.XX.XXX] [31076] auth_ldap authenticate: user meinusername authentication failed; URI seite.php [ldap_simple_bind_s() to check user credentials failed][Invalid credentials], referer: https://IPADRESSE.seite.php
[Mon Nov 16 20:42:01 2009] [error] [client XX.XXX.XX.XXX] user meinusername: authentication failure for "seite.php": Password Mismatch, refer
er: https://IPADRESSE.seite.php


Dort steht ganz unten Password Mismatch. Die Benutzerdaten sind aber 100% korrekt.
Vielen Dank schon im voraus für jede Antwort.
clumsy
 
Posts: 3
Joined: 24. November 2009 23:10

Re: HTTPS Problem

Postby Stepke-DSL » 25. November 2009 07:49

Hallo,

Wie ich sehe verwendest du LDAP zur Benutzerverwaltung.
Wie sieht denn deine .htaccess aus, also im speziellen der Require-Part?

MfG Stepke
Stepke-DSL
 
Posts: 313
Joined: 12. July 2007 16:08
Operating System: Win XP Pro SP3 + SuSe Linux

Re: HTTPS Problem

Postby Nobbie » 25. November 2009 11:05

Für mich sieht das nach einem Serverproblem aus (vielleicht sogar Hardware)?

Hast Du am Server irgendetwas vorher verändert? Oder hast Du gar keinen Zugriff auf die Konfiguration? Ist der Server mal neu gestartet worden? Aus irgendeinem Grund hat die SSL Engine Probleme mit dem Zugriff auf Shared Memory.

Die Fehlermeldung "OpenSSL: I/O error, 5 bytes expected to read on" bringt in Google tausende von Treffern. aber nicht eine einzige Lösung.
Nobbie
 
Posts: 8762
Joined: 09. March 2008 13:04

Re: HTTPS Problem

Postby clumsy » 27. November 2009 00:34

hallo,

vielen Dank für eure Antworten. :D
Ich habe übersehen die Posts hier zu prüfen.

Vielleich hilft ein wenig Hintergrundgeschichte:

Server A: Master (IP)
Server B: Slave (LDAP)
Server C: Webserver (Webseite)

Ich gebe die IP des Servers A im Browser ein. Es wird eine Verbindung zu Server B hergestellt. Zertifikate werden ausgetauscht. Nach Erfolg wird weitergeleitet auf https://IP_Adresse_Server_A/index.php.

Ich konnte immer auf die https Seite zugreifen. Von den einen auf den anderen Tag war der Zugriff auf einmal falsch.
Dabei sind die Zugangsdaten 100% korrekt.


Zu Stepke-DSL:

Die verifizierung läuft auch über LDAP.
Ich bin wirklich neu in diesen Dingen.
Ich weiß noch nicht wo ich die .htacces Datei finde, aber ich mach mich sofort auf die Suche.

Zu Nobbie:

Ich habe vollen Zugriff auf alle Server.

Ich glaube nicht das es an der Hardware liegt. Die Server sind 6 Monate alt (oder ist das Alter unabhängig?).

Der Slave musste einmal Wochen vor der Zugriffsverweigerung an der Maschine direkt hart aus und angeschaltet werden.

Der Webserver wurde einmal per reboot neugestartet.

Ich habe leider (auf meine Finger klopf) ein paar ldappasswd bzw. schlimmer noch slappasswd befehle ausprobiert.
Dabei wurden natürlich diverse Passowrtschlüssel generiert. Ich habe mit den Schlüsseln jedoch nichts angefangen.

Ich suche shon seit 2 Wochen nach dem Problem... dabei bin ich noch auf einen brauchbaren Thread gestoßen:

http://www.modssl.org/docs/2.0/

Hier steht und auch in manch anderen Berichten das Fehler wie folgendder auftreten wenn eine SSL Version geupdatet wurde.

Code: Select all
[Mon Nov 16 20:15:19 2009] [info] SSL Library Error: 336027900 error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol speaking not SSL to HTTPS
clumsy
 
Posts: 3
Joined: 24. November 2009 23:10

Re: HTTPS Problem

Postby Stepke-DSL » 27. November 2009 07:46

Also aufgrund von den letzten beiden Fehlermeldungen würde ich auf ein .htaccess, oder ein LDAP-Problem tippen.
Code: Select all
[Mon Nov 16 20:42:01 2009] [warn] [client XX.XXX.XX.XXX] [31076] auth_ldap authenticate: user meinusername authentication failed; URI seite.php [ldap_simple_bind_s() to check user credentials failed][Invalid credentials], referer: https://IPADRESSE.seite.php
[Mon Nov 16 20:42:01 2009] [error] [client XX.XXX.XX.XXX] user meinusername: authentication failure for "seite.php": Password Mismatch, refer
er: https://IPADRESSE.seite.php

Hast du in der .htaccess, bzw. in der httpd.conf einen bind-usernamen angegeben?
Nach was filterst du? Nach Gruppen, oder nach einzelnen Benutzern?
Schau mal auf dem LDAP-Server nach, was in den Logs steht...

MfG Stepke
Stepke-DSL
 
Posts: 313
Joined: 12. July 2007 16:08
Operating System: Win XP Pro SP3 + SuSe Linux

Re: HTTPS Problem

Postby clumsy » 27. November 2009 17:01

Also ich habe jetzt auf allen Servern nachgeschaut.

Server A (Master): hier gibt es keine .htaccess Datei.

Server B (Slave): hier ist der LDAP Server installiert, hier gibt es keine .htaccess Datei.

Server C (Web): hier gibt es keine .htaccess Datei.

Die Webseite bzw. dessen Verzeichnis liegt sowohl auf Server A als auch auf Server C.

Es gibt eine PHP Datei die User mit Hilfe von LDAP überprüft. In dieser Datei gibt es auch einen dn.

Benutzer müssen einer bestimmten Gruppe angehören

Gibt es hier eine andere Variante der Prüfung ausser .htaccess?
clumsy
 
Posts: 3
Joined: 24. November 2009 23:10

Re: HTTPS Problem

Postby Stepke-DSL » 30. November 2009 08:22

Dann müsste man mal in die PHP-Datei schauen können.
Stepke-DSL
 
Posts: 313
Joined: 12. July 2007 16:08
Operating System: Win XP Pro SP3 + SuSe Linux


Return to Apache

Who is online

Users browsing this forum: No registered users and 6 guests