Hey Stunnel guys!

 

I’ve got a bit of an issue in which users on ie6 cannot connect through HTTPs to my haproxy cluster, they get a 404 page cannot be displayed.

 

Works fine in all other browsers ;)

 

The logs from Stunnel are:

 

2012.06.13 01:06:09 LOG7[28347:47884616028640]: local socket: FD=14 allocated (non-blocking mode)

2012.06.13 01:06:09 LOG7[28347:47884616028640]: Service incoming-https accepted FD=14 from [ClientIP]:1208

2012.06.13 01:06:09 LOG7[28347:1078843712]: Service incoming-https started

2012.06.13 01:06:09 LOG7[28347:1078843712]: Option TCP_NODELAY set on local socket

2012.06.13 01:06:09 LOG7[28347:1078843712]: Waiting for a libwrap process

2012.06.13 01:06:09 LOG7[28347:1078843712]: Acquired libwrap process #0

2012.06.13 01:06:09 LOG7[28347:1078843712]: Releasing libwrap process #0

2012.06.13 01:06:09 LOG7[28347:1078843712]: Released libwrap process #0

2012.06.13 01:06:09 LOG7[28347:1078843712]: Service incoming-https permitted by libwrap from [ClientIP]:1208

2012.06.13 01:06:09 LOG5[28347:1078843712]: Service incoming-https accepted connection from [ClientIP]:1208

2012.06.13 01:06:09 LOG7[28347:1078843712]: SSL state (accept): before/accept initialization

2012.06.13 01:06:09 LOG7[28347:1078843712]: SSL state (accept): SSLv3 read client hello A

2012.06.13 01:06:09 LOG7[28347:1078843712]: SSL state (accept): SSLv3 write server hello A

2012.06.13 01:06:09 LOG7[28347:1078843712]: SSL state (accept): SSLv3 write certificate A

2012.06.13 01:06:09 LOG7[28347:1078843712]: SSL state (accept): SSLv3 write server done A

2012.06.13 01:06:09 LOG7[28347:1078843712]: SSL state (accept): SSLv3 flush data

2012.06.13 01:06:09 LOG7[28347:1078843712]: SSL state (accept): SSLv3 read client key exchange A

2012.06.13 01:06:09 LOG7[28347:1078843712]: SSL state (accept): SSLv3 read finished A

2012.06.13 01:06:09 LOG7[28347:1078843712]: SSL state (accept): SSLv3 write change cipher spec A

2012.06.13 01:06:09 LOG7[28347:1078843712]: SSL state (accept): SSLv3 write finished A

2012.06.13 01:06:09 LOG7[28347:1078843712]: SSL state (accept): SSLv3 flush data

2012.06.13 01:06:09 LOG7[28347:1078843712]:    1 items in the session cache

2012.06.13 01:06:09 LOG7[28347:1078843712]:    0 client connects (SSL_connect())

2012.06.13 01:06:09 LOG7[28347:1078843712]:    0 client connects that finished

2012.06.13 01:06:09 LOG7[28347:1078843712]:    0 client renegotiations requested

2012.06.13 01:06:09 LOG7[28347:1078843712]:    1 server connects (SSL_accept())

2012.06.13 01:06:09 LOG7[28347:1078843712]:    1 server connects that finished

2012.06.13 01:06:09 LOG7[28347:1078843712]:    0 server renegotiations requested

2012.06.13 01:06:09 LOG7[28347:1078843712]:    0 session cache hits

2012.06.13 01:06:09 LOG7[28347:1078843712]:    0 external session cache hits

2012.06.13 01:06:09 LOG7[28347:1078843712]:    1 session cache misses

2012.06.13 01:06:09 LOG7[28347:1078843712]:    0 session cache timeouts

2012.06.13 01:06:09 LOG6[28347:1078843712]: SSL accepted: new session negotiated

2012.06.13 01:06:09 LOG6[28347:1078843712]: Negotiated ciphers: DES-CBC3-SHA SSLv3 Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1

2012.06.13 01:06:09 LOG7[28347:1078843712]: remote socket: FD=15 allocated (non-blocking mode)

2012.06.13 01:06:09 LOG6[28347:1078843712]: connect_blocking: connecting [HAPROXY IP]:81

2012.06.13 01:06:09 LOG7[28347:1078843712]: connect_blocking: s_poll_wait [HAPROXY IP]:81: waiting 10 seconds

2012.06.13 01:06:09 LOG5[28347:1078843712]: connect_blocking: connected [HAPROXY IP]:81

2012.06.13 01:06:09 LOG5[28347:1078843712]: Service incoming-https connected remote server from [HAPROXY IP]:55823

2012.06.13 01:06:09 LOG7[28347:1078843712]: Remote FD=15 initialized

2012.06.13 01:06:09 LOG7[28347:1078843712]: Option TCP_NODELAY set on remote socket

2012.06.13 01:06:09 LOG5[28347:1078843712]: Error detected on SSL (read) file descriptor: Connection reset by peer (104)

2012.06.13 01:06:09 LOG5[28347:1078843712]: Connection reset: 0 bytes sent to SSL, 320 bytes sent to socket

2012.06.13 01:06:09 LOG7[28347:1078843712]: Service incoming-https finished (0 left)

2012.06.13 01:06:09 LOG7[28347:1078843712]: str_stats: 0 block(s), 0 data byte(s), 0 control byte(s)

 

Could stunnel be at play here or am I looking at the wrong thing?

 

Thanks!

Karl.

 

 

Karl Kloppenborg

Programming Ninja

 

Crucial Paradigm Pty Ltd

Suite 1 Level 3 104-106 Commonwealth St

Surry Hills NSW 2010

Australia

 

1300 884 839 – Sales & Support (AU Only)

Click here for the Support Desk

 

d: 02 8202 9994

f: 02 92818261

m: 0416 236 908

e: karl@crucial.com.au

 

Crucial Paradigm is a leading Web Hosting provider that specialises in Cloud solutions.

We are commited to keeping our planet green, please reduce, reuse and recycle your office paper.

Description: crucial_2012