Hey Stunnel guys!
I’ve got a bit of an issue in which users on ie6 cannot connect through HTTPs to my haproxy cluster, they get a 404 page cannot be displayed.
Works fine in all other browsers ;)
The logs from Stunnel are:
2012.06.13 01:06:09 LOG7[28347:47884616028640]: local socket: FD=14 allocated (non-blocking mode)
2012.06.13 01:06:09 LOG7[28347:47884616028640]: Service incoming-https accepted FD=14 from [ClientIP]:1208
2012.06.13 01:06:09 LOG7[28347:1078843712]: Service incoming-https started
2012.06.13 01:06:09 LOG7[28347:1078843712]: Option TCP_NODELAY set on local socket
2012.06.13 01:06:09 LOG7[28347:1078843712]: Waiting for a libwrap process
2012.06.13 01:06:09 LOG7[28347:1078843712]: Acquired libwrap process #0
2012.06.13 01:06:09 LOG7[28347:1078843712]: Releasing libwrap process #0
2012.06.13 01:06:09 LOG7[28347:1078843712]: Released libwrap process #0
2012.06.13 01:06:09 LOG7[28347:1078843712]: Service incoming-https permitted by libwrap from [ClientIP]:1208
2012.06.13 01:06:09 LOG5[28347:1078843712]: Service incoming-https accepted connection from [ClientIP]:1208
2012.06.13 01:06:09 LOG7[28347:1078843712]: SSL state (accept): before/accept initialization
2012.06.13 01:06:09 LOG7[28347:1078843712]: SSL state (accept): SSLv3 read client hello A
2012.06.13 01:06:09 LOG7[28347:1078843712]: SSL state (accept): SSLv3 write server hello A
2012.06.13 01:06:09 LOG7[28347:1078843712]: SSL state (accept): SSLv3 write certificate A
2012.06.13 01:06:09 LOG7[28347:1078843712]: SSL state (accept): SSLv3 write server done A
2012.06.13 01:06:09 LOG7[28347:1078843712]: SSL state (accept): SSLv3 flush data
2012.06.13 01:06:09 LOG7[28347:1078843712]: SSL state (accept): SSLv3 read client key exchange A
2012.06.13 01:06:09 LOG7[28347:1078843712]: SSL state (accept): SSLv3 read finished A
2012.06.13 01:06:09 LOG7[28347:1078843712]: SSL state (accept): SSLv3 write change cipher spec A
2012.06.13 01:06:09 LOG7[28347:1078843712]: SSL state (accept): SSLv3 write finished A
2012.06.13 01:06:09 LOG7[28347:1078843712]: SSL state (accept): SSLv3 flush data
2012.06.13 01:06:09 LOG7[28347:1078843712]: 1 items in the session cache
2012.06.13 01:06:09 LOG7[28347:1078843712]: 0 client connects (SSL_connect())
2012.06.13 01:06:09 LOG7[28347:1078843712]: 0 client connects that finished
2012.06.13 01:06:09 LOG7[28347:1078843712]: 0 client renegotiations requested
2012.06.13 01:06:09 LOG7[28347:1078843712]: 1 server connects (SSL_accept())
2012.06.13 01:06:09 LOG7[28347:1078843712]: 1 server connects that finished
2012.06.13 01:06:09 LOG7[28347:1078843712]: 0 server renegotiations requested
2012.06.13 01:06:09 LOG7[28347:1078843712]: 0 session cache hits
2012.06.13 01:06:09 LOG7[28347:1078843712]: 0 external session cache hits
2012.06.13 01:06:09 LOG7[28347:1078843712]: 1 session cache misses
2012.06.13 01:06:09 LOG7[28347:1078843712]: 0 session cache timeouts
2012.06.13 01:06:09 LOG6[28347:1078843712]: SSL accepted: new session negotiated
2012.06.13 01:06:09 LOG6[28347:1078843712]: Negotiated ciphers: DES-CBC3-SHA SSLv3 Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1
2012.06.13 01:06:09 LOG7[28347:1078843712]: remote socket: FD=15 allocated (non-blocking mode)
2012.06.13 01:06:09 LOG6[28347:1078843712]: connect_blocking: connecting [HAPROXY IP]:81
2012.06.13 01:06:09 LOG7[28347:1078843712]: connect_blocking: s_poll_wait [HAPROXY IP]:81: waiting 10 seconds
2012.06.13 01:06:09 LOG5[28347:1078843712]: connect_blocking: connected [HAPROXY IP]:81
2012.06.13 01:06:09 LOG5[28347:1078843712]: Service incoming-https connected remote server from [HAPROXY IP]:55823
2012.06.13 01:06:09 LOG7[28347:1078843712]: Remote FD=15 initialized
2012.06.13 01:06:09 LOG7[28347:1078843712]: Option TCP_NODELAY set on remote socket
2012.06.13 01:06:09 LOG5[28347:1078843712]: Error detected on SSL (read) file descriptor: Connection reset by peer (104)
2012.06.13 01:06:09 LOG5[28347:1078843712]: Connection reset: 0 bytes sent to SSL, 320 bytes sent to socket
2012.06.13 01:06:09 LOG7[28347:1078843712]: Service incoming-https finished (0 left)
2012.06.13 01:06:09 LOG7[28347:1078843712]: str_stats: 0 block(s), 0 data byte(s), 0 control byte(s)
Could stunnel be at play here or am I looking at the wrong thing?
Thanks!
Karl.
Karl Kloppenborg
Programming Ninja
Crucial Paradigm Pty Ltd
Suite 1 Level 3 104-106 Commonwealth St
Surry Hills NSW 2010
Australia
1300 884 839 – Sales & Support (AU Only)
Click here for the Support Desk
d: 02 8202 9994
f: 02 92818261
m: 0416 236 908
Crucial Paradigm is a leading Web Hosting provider that specialises in Cloud solutions.
We are commited to keeping our planet green, please reduce, reuse and recycle your office paper.