0

I have ubuntu 8.04lts with apache2+svn+openSSL there.

For last few months used locally only via local server name. Fine. Now tried to access from internet - getting SSL handshake error. If I'm requesting locally but via server IP - same error.

log entries in apache error.log:

[Sun Nov 21 15:47:48 2010] [info] [client 172.146.0.102] Connection to child 0 established (server SVNServer:443)
[Sun Nov 21 15:47:48 2010] [info] Seeding PRNG with 648 bytes of entropy
[Sun Nov 21 15:47:48 2010] [info] [client 172.146.0.102] SSL library error 1 in handshake (server SVNServer:443)
[Sun Nov 21 15:47:48 2010] [info] SSL Library Error: 336027900 error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol speaking not SSL to HTTPS port!?
[Sun Nov 21 15:47:48 2010] [info] [client 172.146.0.102] Connection closed to child 0 with abortive shutdown (server SVNServer:443)

Why so? I remember that earlier used via IP too successfully but I can't remember what could happened or updated since that time.

EDITED:

Downgraded tortoise to 1.6.5: receiving same error both via servername and IP.

stim
  • 101
  • 4
  • You say "if I'm requesting locally but by server IP - same error", but could you tell us what you're doing client-side to request it, and how failure looks client-side as well? – MadHatter Nov 21 '10 at 13:49
  • I'm trying to connect to the svn repository via tortoiseSVN by typing URL. In case of server IP getting error "SSL handshake failed: secure onnection truncated" – stim Nov 21 '10 at 14:06
  • Seems to be more an tortoise+openSSL issue since googling troubles: "Getting SSL handshake failed since installing tortoise 1.6.7..." – stim Nov 21 '10 at 14:09
  • Could you try, from a remote linux machine, "openssl s_client -connect 172.146.0.102:443". If that reports some certificate stuff and connects, it proves that your server is just fine with openssl to the ip address, and your problem is, as you suggest, client-side. – MadHatter Nov 21 '10 at 14:23
  • There is no another local linux. There is any windows way?) – stim Nov 21 '10 at 15:34
  • Well, I vaguely think that cygwin includes the openssl tool; but I'm afraid I'm a free-software-only guy, so can't help much with windows. – MadHatter Nov 21 '10 at 16:04

1 Answers1

0

As expected - domain name linked to IP solved the issue for internet users.

stim
  • 101
  • 4