logo
Apache Lounge
Webmasters

 


About

Forum Index Downloads Search Register Log in  RSS Apache Lounge
 


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Apache Lounge is not sponsored.

Your donations will help to keep this site alive and well, and continuing building binaries.



Even after disabling SSLv3,SSLroutines:ssl3_get_record come

 
Post new topic   Reply to topic    Apache Forum Index -> Apache



View previous topic :: View next topic  
Author Message
sarthakmohanty



Joined: 06 Sep 2018
Posts: 1
Location: India, Chennai

PostPosted: Thu 06 Sep '18 15:15    Post subject: Even after disabling SSLv3,SSLroutines:ssl3_get_record come Reply with quote

I'm running with Apache/2.4.33 (Win64) & OpenSSL/1.1.0h
Even after I disabled SSLv3 under httpd.conf file under Apache HTTPD instance, still I could see below entries under the logs.

[Thu Sep 06 08:03:29.846614 2018] [ssl:info] [pid 41160:tid 1048] [client 10.70.6.88:57840] AH01964: Connection to child 62 established (server fst2msdweb03:17443)
[Thu Sep 06 08:03:29.846614 2018] [ssl:info] [pid 41160:tid 1048] [client 10.70.6.88:57840] AH02008: SSL library error 1 in handshake (server fst2msdweb03:17443)
[Thu Sep 06 08:03:29.846614 2018] [ssl:info] [pid 41160:tid 1048] SSL Library Error: error:1408F10B:SSL routines:ssl3_get_record:wrong version number
[Thu Sep 06 08:03:29.846614 2018] [ssl:info] [pid 41160:tid 1048] [client 10.70.6.88:57840] AH01998: Connection closed to child 62 with abortive shutdown (server fst2msdweb03:17443)

I have added below entries under httpd.conf file after enabling SSL Engine within the same.

SSLProtocol all -SSLv2 -SSLv3

Can anyone help me understand, what's causing this issue & offer any assistance to get this resolved.

It appears to me that, even though SSLv3 is disabled, somehow the system is explicitly trying to use SSLv3 and thus connectivity is failing.

Verified with OpenSSL binaries with s_client option via ssl3 and it's failing with the same exception as I have disabled it & expected.
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 6494
Location: Germany, Next to Hamburg

PostPosted: Mon 10 Sep '18 17:12    Post subject: Reply with quote

That is an SSL3 Handshake error. Are you sure that your port 443 is open and forwared to apache ( if you use a router)? Sometimes ISPs block that port.

You may test your server at https://www.ssllabs.com/ssltest/

if you still have a question please ask again.
Back to top


Post new topic   Reply to topic    Apache Forum Index -> Apache
Page 1 of 1