Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 18 replies
  • Subscribers 1 subscriber
  • Views 15158 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

HTTPS SSL errors

wingman
Hi All

I getting some strange errors out of the blue:

2009:11:27-07:55:31 stuffman httpproxy[5133]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="POST" srcip="192.168.2.11" user="wingman" statuscode="403" cached="0" profile="REF_gTJkfSrJvf (Trusted clients HTTPS)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="3345" time="0 ms" request="0xb15de280" url="rsi.hotmail.com/.../rsi.asmx" exceptions="" error="" reputation="trusted" category="156" reputation="trusted" categoryname="Web Mail"
2009:11:27-07:55:31 stuffman httpproxy[5133]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="POST" srcip="192.168.2.11" user="wingman" statuscode="403" cached="0" profile="REF_gTJkfSrJvf (Trusted clients HTTPS)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="3345" time="0 ms" request="0xb1521ad0" url="rsi.hotmail.com/.../rsi.asmx" exceptions="" error="" reputation="trusted" category="156" reputation="trusted" categoryname="Web Mail"
2009:11:27-07:57:31 stuffman httpproxy[5133]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.11" user="wingman" statuscode="200" cached="0" profile="REF_gTJkfSrJvf (Trusted clients HTTPS)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="1043" time="154 ms" request="0xb05f8ae0" url="www.astaro.org/.../gif"
2009:11:27-07:57:31 stuffman httpproxy[5133]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.11" user="wingman" statuscode="200" cached="0" profile="REF_gTJkfSrJvf (Trusted clients HTTPS)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="1018" time="153 ms" request="0xb05f2a58" url="www.astaro.org/.../gif"
2009:11:27-07:58:14 stuffman httpproxy[5133]: [0xabceb7d8] ssl_log_errors (ssl.c:41) C: 5133:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:842:



There are two issues.
1)https://rsi.hotmail.com is blocked (web mail category is allowed)
2)getting strange SSL errors every now and then but I can understand what the issue is

thanks


This thread was automatically locked due to age.
Parents
  • 0
    Latest update from the support engineer was to add a HTTPS exception for the relevant URL.Hovewer, I am getting multiple different handshake errors and therefore I think that there is something faulty with the handshake itself

    latest log(25/12/09) 

    822]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.11" user="wingman" statuscode="200" cached="1" profile="REF_gTJkfSrJvf (Trusted clients HTTPS)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="2035" time="2 ms" request="0xa5959e98" url="livefiles18.vo.msecnd.net/.../jpeg"

    2009:12:25-15:12:40 stuffman httpproxy[26822]: [0xa9941cb8] ssl_log_errors (ssl.c:41) C: 26822:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:842:

    2009:12:25-15:12:41 stuffman httpproxy[26822]: [0xa99ed3e0] ssl_log_errors (ssl.c:41) C: 26822:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:288:

    2009:12:25-15:12:41 stuffman httpproxy[26822]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="" srcip="192.168.2.11" user="" statuscode="502" cached="0" profile="REF_gTJkfSrJvf (Trusted clients HTTPS)" filteraction=" ()" size="0" time="0 ms" request="0xa99ed3e0" url="65.54.189.205" exceptions="" error=""

    2009:12:25-15:12:46 stuffman httpproxy[26822]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="POST" srcip="192.168.2.11" user="wingman" statuscode="302" cached="0" profile="REF_gTJkfSrJvf (Trusted clients HTTPS)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="0" time="1336 ms" request="0xa994ec70" url="samspade.org/whois" exceptions="" error="" reputation="neutral" category="178" reputation="neutral" categoryname="Internet Services"

    2009:12:25-15:12:46 stuffman httpproxy[26822]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.11" user="wingman" statuscode="200" cached="0" profile="REF_gTJkfSrJvf (Trusted clients HTTPS)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="4400" time="776 ms" request="0xa591d940" url="samspade.org/.../html"

    2009:12:25-15:12:47 stuffman httpproxy[26822]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.11" user="wingman" statuscode="304" cached="0" profile="REF_gTJkfSrJvf (Trusted clients HTTPS)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="0" time="409 ms" request="0xa591d940" url="samspade.org/.../whois.css" exceptions="" error="" category="178" reputation="neutral" categoryname="Internet Services"

    2009:12:25-15:12:47 stuffman httpproxy[26822]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.11" user="wingman" statuscode="304" cached="0" profile="REF_gTJkfSrJvf (Trusted clients HTTPS)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="0" time="413 ms" request="0xa99b8390" url="samspade.org/.../js_hide.css" exceptions="" error="" category="178" reputation="neutral" categoryname="Internet Services"

    2009:12:25-15:13:01 stuffman httpproxy[26822]: [0xa9941cb8] ssl_log_errors (ssl.c:41) C: 26822:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:842:

    2009:12:25-15:13:11 stuffman httpproxy[26822]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.11" user="wingman" statuscode="200" cached="1" profile="REF_gTJkfSrJvf (Trusted clients HTTPS)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="2234" time="2 ms" request="0xa5959e98" url="livefiles18.vo.msecnd.net/.../jpeg"

    2009:12:25-15:13:23 stuffman httpproxy[26822]: [0xa99ed3e0] ssl_log_errors (ssl.c:41) C: 26822:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:842:

    2009:12:25-15:26:58 stuffman httpproxy[26822]: [0xa990dbd0] ssl_log_errors (ssl.c:41) C: 26822:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1057:SSL alert number 48

    2009:12:25-15:26:58 stuffman httpproxy[26822]: [0xa990dbd0] ssl_log_errors (ssl.c:41) C: 26822:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:534:


    2009:12:25-15:29:50 stuffman httpproxy[26822]: [0xa950cb78] ssl_log_errors (ssl.c:41) C: 26822:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:842:

    2009:12:25-15:29:53 stuffman httpproxy[26822]: [0xa591d398] ssl_log_errors (ssl.c:41) S: 26822:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1057:SSL alert number 40

    2009:12:25-15:29:53 stuffman httpproxy[26822]: [0xa591d398] ssl_connect (ssl.c:954) ssl_handshake: Input/output error

    2009:12:25-15:29:53 stuffman httpproxy[26822]: [0xa591d398] ssl_log_errors (ssl.c:41) C: 26822:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1057:SSL alert number 48

    2009:12:25-15:29:53 stuffman httpproxy[26822]: [0xa591d398] ssl_log_errors (ssl.c:41) C: 26822:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:534:

    2009:12:25-15:29:53 stuffman httpproxy[26822]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="" srcip="192.168.2.11" user="" statuscode="502" cached="0" profile="REF_gTJkfSrJvf (Trusted clients HTTPS)" filteraction=" ()" size="0" time="0 ms" request="0xa591d398" url="70.42.140.72" exceptions="" error=""

    2009:12:25-15:29:54 stuffman httpproxy[26822]: [0xa990dbd0] ssl_log_errors (ssl.c:41) S: 26822:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1057:SSL alert number 40

    2009:12:25-15:29:54 stuffman httpproxy[26822]: [0xa990dbd0] ssl_connect (ssl.c:954) ssl_handshake: Input/output error

    2009:12:25-15:29:55 stuffman httpproxy[26822]: [0xa990dbd0] ssl_log_errors (ssl.c:41) C: 26822:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1057:SSL alert number 48

    2009:12:25-15:29:55 stuffman httpproxy[26822]: [0xa990dbd0] ssl_log_errors (ssl.c:41) C: 26822:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:534:

    2009:12:25-15:29:55 stuffman httpproxy[26822]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="" srcip="192.168.2.11" user="" statuscode="502" cached="0" profile="REF_gTJkfSrJvf (Trusted clients HTTPS)" filteraction=" ()" size="0" time="0 ms" request="0xa990dbd0" url="70.42.140.72" exceptions="" error=""

    2009:12:25-15:29:56 stuffman httpproxy[26822]: [0xa9512ce0] ssl_log_errors (ssl.c:41) S: 26822:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1057:SSL alert number 40

    2009:12:25-15:29:56 stuffman httpproxy[26822]: [0xa9512ce0] ssl_connect (ssl.c:954) ssl_handshake: Input/output error

    2009:12:25-15:29:57 stuffman httpproxy[26822]: [0xa9512ce0] ssl_log_errors (ssl.c:41) C: 26822:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1057:SSL alert number 48

    2009:12:25-15:29:57 stuffman httpproxy[26822]: [0xa9512ce0] ssl_log_errors (ssl.c:41) C: 26822:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:534:

    2009:12:25-15:29:57 stuffman httpproxy[26822]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="" srcip="192.168.2.11" user="" statuscode="502" cached="0" profile="REF_gTJkfSrJvf (Trusted clients HTTPS)" filteraction=" ()" size="0" time="0 ms" request="0xa9512ce0" url="70.42.140.64" exceptions="" error=""

    2009:12:25-15:30:11 stuffman httpproxy[26822]: [0xa99b8390] ssl_log_errors (ssl.c:41) C: 26822:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:842:



    Unfortunately, Astaro support can't help me because I am a home user. If anyone is facing the same issue + has proper support,please have a look. I understand that I don't have support but I think Astaro should have a look

    Thanks
Reply
  • 0
    Latest update from the support engineer was to add a HTTPS exception for the relevant URL.Hovewer, I am getting multiple different handshake errors and therefore I think that there is something faulty with the handshake itself

    latest log(25/12/09) 

    822]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.11" user="wingman" statuscode="200" cached="1" profile="REF_gTJkfSrJvf (Trusted clients HTTPS)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="2035" time="2 ms" request="0xa5959e98" url="livefiles18.vo.msecnd.net/.../jpeg"

    2009:12:25-15:12:40 stuffman httpproxy[26822]: [0xa9941cb8] ssl_log_errors (ssl.c:41) C: 26822:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:842:

    2009:12:25-15:12:41 stuffman httpproxy[26822]: [0xa99ed3e0] ssl_log_errors (ssl.c:41) C: 26822:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:288:

    2009:12:25-15:12:41 stuffman httpproxy[26822]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="" srcip="192.168.2.11" user="" statuscode="502" cached="0" profile="REF_gTJkfSrJvf (Trusted clients HTTPS)" filteraction=" ()" size="0" time="0 ms" request="0xa99ed3e0" url="65.54.189.205" exceptions="" error=""

    2009:12:25-15:12:46 stuffman httpproxy[26822]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="POST" srcip="192.168.2.11" user="wingman" statuscode="302" cached="0" profile="REF_gTJkfSrJvf (Trusted clients HTTPS)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="0" time="1336 ms" request="0xa994ec70" url="samspade.org/whois" exceptions="" error="" reputation="neutral" category="178" reputation="neutral" categoryname="Internet Services"

    2009:12:25-15:12:46 stuffman httpproxy[26822]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.11" user="wingman" statuscode="200" cached="0" profile="REF_gTJkfSrJvf (Trusted clients HTTPS)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="4400" time="776 ms" request="0xa591d940" url="samspade.org/.../html"

    2009:12:25-15:12:47 stuffman httpproxy[26822]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.11" user="wingman" statuscode="304" cached="0" profile="REF_gTJkfSrJvf (Trusted clients HTTPS)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="0" time="409 ms" request="0xa591d940" url="samspade.org/.../whois.css" exceptions="" error="" category="178" reputation="neutral" categoryname="Internet Services"

    2009:12:25-15:12:47 stuffman httpproxy[26822]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.11" user="wingman" statuscode="304" cached="0" profile="REF_gTJkfSrJvf (Trusted clients HTTPS)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="0" time="413 ms" request="0xa99b8390" url="samspade.org/.../js_hide.css" exceptions="" error="" category="178" reputation="neutral" categoryname="Internet Services"

    2009:12:25-15:13:01 stuffman httpproxy[26822]: [0xa9941cb8] ssl_log_errors (ssl.c:41) C: 26822:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:842:

    2009:12:25-15:13:11 stuffman httpproxy[26822]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.11" user="wingman" statuscode="200" cached="1" profile="REF_gTJkfSrJvf (Trusted clients HTTPS)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="2234" time="2 ms" request="0xa5959e98" url="livefiles18.vo.msecnd.net/.../jpeg"

    2009:12:25-15:13:23 stuffman httpproxy[26822]: [0xa99ed3e0] ssl_log_errors (ssl.c:41) C: 26822:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:842:

    2009:12:25-15:26:58 stuffman httpproxy[26822]: [0xa990dbd0] ssl_log_errors (ssl.c:41) C: 26822:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1057:SSL alert number 48

    2009:12:25-15:26:58 stuffman httpproxy[26822]: [0xa990dbd0] ssl_log_errors (ssl.c:41) C: 26822:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:534:


    2009:12:25-15:29:50 stuffman httpproxy[26822]: [0xa950cb78] ssl_log_errors (ssl.c:41) C: 26822:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:842:

    2009:12:25-15:29:53 stuffman httpproxy[26822]: [0xa591d398] ssl_log_errors (ssl.c:41) S: 26822:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1057:SSL alert number 40

    2009:12:25-15:29:53 stuffman httpproxy[26822]: [0xa591d398] ssl_connect (ssl.c:954) ssl_handshake: Input/output error

    2009:12:25-15:29:53 stuffman httpproxy[26822]: [0xa591d398] ssl_log_errors (ssl.c:41) C: 26822:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1057:SSL alert number 48

    2009:12:25-15:29:53 stuffman httpproxy[26822]: [0xa591d398] ssl_log_errors (ssl.c:41) C: 26822:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:534:

    2009:12:25-15:29:53 stuffman httpproxy[26822]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="" srcip="192.168.2.11" user="" statuscode="502" cached="0" profile="REF_gTJkfSrJvf (Trusted clients HTTPS)" filteraction=" ()" size="0" time="0 ms" request="0xa591d398" url="70.42.140.72" exceptions="" error=""

    2009:12:25-15:29:54 stuffman httpproxy[26822]: [0xa990dbd0] ssl_log_errors (ssl.c:41) S: 26822:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1057:SSL alert number 40

    2009:12:25-15:29:54 stuffman httpproxy[26822]: [0xa990dbd0] ssl_connect (ssl.c:954) ssl_handshake: Input/output error

    2009:12:25-15:29:55 stuffman httpproxy[26822]: [0xa990dbd0] ssl_log_errors (ssl.c:41) C: 26822:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1057:SSL alert number 48

    2009:12:25-15:29:55 stuffman httpproxy[26822]: [0xa990dbd0] ssl_log_errors (ssl.c:41) C: 26822:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:534:

    2009:12:25-15:29:55 stuffman httpproxy[26822]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="" srcip="192.168.2.11" user="" statuscode="502" cached="0" profile="REF_gTJkfSrJvf (Trusted clients HTTPS)" filteraction=" ()" size="0" time="0 ms" request="0xa990dbd0" url="70.42.140.72" exceptions="" error=""

    2009:12:25-15:29:56 stuffman httpproxy[26822]: [0xa9512ce0] ssl_log_errors (ssl.c:41) S: 26822:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1057:SSL alert number 40

    2009:12:25-15:29:56 stuffman httpproxy[26822]: [0xa9512ce0] ssl_connect (ssl.c:954) ssl_handshake: Input/output error

    2009:12:25-15:29:57 stuffman httpproxy[26822]: [0xa9512ce0] ssl_log_errors (ssl.c:41) C: 26822:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1057:SSL alert number 48

    2009:12:25-15:29:57 stuffman httpproxy[26822]: [0xa9512ce0] ssl_log_errors (ssl.c:41) C: 26822:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:534:

    2009:12:25-15:29:57 stuffman httpproxy[26822]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="" srcip="192.168.2.11" user="" statuscode="502" cached="0" profile="REF_gTJkfSrJvf (Trusted clients HTTPS)" filteraction=" ()" size="0" time="0 ms" request="0xa9512ce0" url="70.42.140.64" exceptions="" error=""

    2009:12:25-15:30:11 stuffman httpproxy[26822]: [0xa99b8390] ssl_log_errors (ssl.c:41) C: 26822:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:842:



    Unfortunately, Astaro support can't help me because I am a home user. If anyone is facing the same issue + has proper support,please have a look. I understand that I don't have support but I think Astaro should have a look

    Thanks
Children
No Data
Cookie Information Banner