我有一台在 apache 上运行 Coldfusion 的 redhat 6 服务器。我需要 SSL 来访问站点和智能卡身份验证。这工作正常,它基于智能卡登录,并拒绝访问。我的问题是该网站每页加载大约需要一分钟,但它最终会加载。在级别“警告”时查看日志它只是告诉我重新协商握手失败:客户端未接受。关于“信息”的更多详细信息,我得到以下信息:
[Thu Sep 01 10:50:29 2011] [info] Configuring server for SSL protocol
1891 [Thu Sep 01 10:50:44 2011] [info] [client x.x.x.x] Connection to child 0 established (server my-server.com:443)
1892 [Thu Sep 01 10:50:44 2011] [info] Seeding PRNG with 144 bytes of entropy
1893 [Thu Sep 01 10:50:45 2011] [info] [client x.x.x.x] (70014)End of file found: SSL handshake interrupted by system [Hint: Stop button pressed in browser?!]
1894 [Thu Sep 01 10:50:45 2011] [info] [client x.x.x.x] Connection closed to child 0 with abortive shutdown (server my-server.com:443)
1895 [Thu Sep 01 10:50:45 2011] [info] [client x.x.x.x] Connection to child 0 established (server my-server.com:443)
1896 [Thu Sep 01 10:50:45 2011] [info] Seeding PRNG with 144 bytes of entropy
1897 [Thu Sep 01 10:50:45 2011] [info] [client x.x.x.x] (70014)End of file found: SSL handshake interrupted by system [Hint: Stop button pressed in browser?!]
1898 [Thu Sep 01 10:50:45 2011] [info] [client x.x.x.x] Connection closed to child 0 with abortive shutdown (server my-server.com:443)
1899 [Thu Sep 01 10:50:45 2011] [info] [client x.x.x.x] Connection to child 0 established (server my-server.com:443)
1900 [Thu Sep 01 10:50:45 2011] [info] Seeding PRNG with 144 bytes of entropy
1901 [Thu Sep 01 10:50:45 2011] [info] [client x.x.x.x] (70014)End of file found: SSL handshake interrupted by system [Hint: Stop button pressed in browser?!]
1902 [Thu Sep 01 10:50:45 2011] [info] [client x.x.x.x] Connection closed to child 0 with abortive shutdown (server my-server.com:443)
1903 [Thu Sep 01 10:50:45 2011] [info] [client x.x.x.x] Connection to child 0 established (server my-server.com:443)
1904 [Thu Sep 01 10:50:45 2011] [info] Seeding PRNG with 144 bytes of entropy
1905 [Thu Sep 01 10:50:45 2011] [info] [client x.x.x.x] (70014)End of file found: SSL handshake interrupted by system [Hint: Stop button pressed in browser?!]
1906 [Thu Sep 01 10:50:45 2011] [info] [client x.x.x.x] Connection closed to child 0 with abortive shutdown (server my-server.com:443)
1907 [Thu Sep 01 10:50:45 2011] [info] [client x.x.x.x] Connection to child 0 established (server my-server.com:443)
1908 [Thu Sep 01 10:50:45 2011] [info] Seeding PRNG with 144 bytes of entropy
1909 [Thu Sep 01 10:50:45 2011] [info] [client x.x.x.x] (70014)End of file found: SSL handshake interrupted by system [Hint: Stop button pressed in browser?!]
1910 [Thu Sep 01 10:50:45 2011] [info] [client x.x.x.x] Connection closed to child 0 with abortive shutdown (server my-server.com:443)
1911 [Thu Sep 01 10:50:45 2011] [info] [client x.x.x.x] Connection to child 0 established (server my-server.com:443)
1912 [Thu Sep 01 10:50:45 2011] [info] Seeding PRNG with 144 bytes of entropy
1913 [Thu Sep 01 10:50:45 2011] [info] [client x.x.x.x] (70014)End of file found: SSL handshake interrupted by system [Hint: Stop button pressed in browser?!]
1914 [Thu Sep 01 10:50:45 2011] [info] [client x.x.x.x] Connection closed to child 0 with abortive shutdown (server my-server.com:443)
1915 [Thu Sep 01 10:50:45 2011] [info] [client x.x.x.x] Connection to child 0 established (server my-server.com:443)
1916 [Thu Sep 01 10:50:45 2011] [info] Seeding PRNG with 144 bytes of entropy
1917 [Thu Sep 01 10:50:45 2011] [info] Initial (No.1) HTTPS request received for child 0 (server my-server.com:443)
1918 [Thu Sep 01 10:50:45 2011] [info] [client x.x.x.x] Requesting connection re-negotiation
1919 [Thu Sep 01 10:50:45 2011] [info] [client x.x.x.x] Awaiting re-negotiation handshake
1920 [Thu Sep 01 10:50:45 2011] [info] [client x.x.x.x] Connection to child 1 established (server my-server.com:443)
1921 [Thu Sep 01 10:50:45 2011] [info] Seeding PRNG with 144 bytes of entropy
1922 [Thu Sep 01 10:50:45 2011] [error] [client x.x.x.x] Re-negotiation handshake failed: Not accepted by client!?
1923 [Thu Sep 01 10:50:45 2011] [info] [client x.x.x.x] Connection to child 0 established (server my-server.com:443)
1924 [Thu Sep 01 10:50:45 2011] [info] Seeding PRNG with 144 bytes of entropy
1925 [Thu Sep 01 10:50:45 2011] [info] Initial (No.1) HTTPS request received for child 1 (server my-server.com:443)
1926 [Thu Sep 01 10:50:45 2011] [info] [client x.x.x.x] Requesting connection re-negotiation
1927 [Thu Sep 01 10:50:45 2011] [info] [client x.x.x.x] Awaiting re-negotiation handshake
1928 [Thu Sep 01 10:50:45 2011] [error] [client x.x.x.x] Re-negotiation handshake failed: Not accepted by client!?
1929 [Thu Sep 01 10:50:45 2011] [info] [client x.x.x.x] Connection to child 1 established (server my-server.com:443)
1930 [Thu Sep 01 10:50:45 2011] [info] Seeding PRNG with 144 bytes of entropy
1931 [Thu Sep 01 10:50:45 2011] [info] Initial (No.1) HTTPS request received for child 0 (server my-server.com:443)
1932 [Thu Sep 01 10:50:45 2011] [info] [client x.x.x.x] Requesting connection re-negotiation
1933 [Thu Sep 01 10:50:45 2011] [info] [client x.x.x.x] Awaiting re-negotiation handshake
1934 [Thu Sep 01 10:50:45 2011] [error] [client x.x.x.x] Re-negotiation handshake failed: Not accepted by client!?
1935 [Thu Sep 01 10:50:45 2011] [info] Initial (No.1) HTTPS request received for child 1 (server my-server.com:443)
1936 [Thu Sep 01 10:50:45 2011] [info] [client x.x.x.x] Requesting connection re-negotiation
1937 [Thu Sep 01 10:50:45 2011] [info] [client x.x.x.x] Awaiting re-negotiation handshake
1938 [Thu Sep 01 10:50:47 2011] [info] [client x.x.x.x] Connection closed to child 1 with standard shutdown (server my-server.com:443)
1939 [Thu Sep 01 10:50:47 2011] [info] [client x.x.x.x] Connection to child 0 established (server my-server.com:443)
1940 [Thu Sep 01 10:50:47 2011] [info] [client x.x.x.x] Connection to child 2 established (server my-server.com:443)
1941 [Thu Sep 01 10:50:47 2011] [info] Seeding PRNG with 144 bytes of entropy
1942 [Thu Sep 01 10:50:47 2011] [info] Seeding PRNG with 144 bytes of entropy
1943 [Thu Sep 01 10:50:47 2011] [info] [client x.x.x.x] Connection to child 3 established (server my-server.com:443)
1944 [Thu Sep 01 10:50:47 2011] [info] Seeding PRNG with 144 bytes of entropy
1945 [Thu Sep 01 10:50:47 2011] [info] [client x.x.x.x] Connection to child 4 established (server my-server.com:443)
1946 [Thu Sep 01 10:50:47 2011] [info] Seeding PRNG with 144 bytes of entropy
1947 [Thu Sep 01 10:50:47 2011] [info] [client x.x.x.x] Connection to child 6 established (server my-server.com:443)
1948 [Thu Sep 01 10:50:47 2011] [info] Seeding PRNG with 144 bytes of entropy
1949 [Thu Sep 01 10:50:47 2011] [info] [client x.x.x.x] Connection to child 5 established (server my-server.com:443)
1950 [Thu Sep 01 10:50:47 2011] [info] Seeding PRNG with 144 bytes of entropy
1951 [Thu Sep 01 10:50:47 2011] [info] [client x.x.x.x] (70014)End of file found: SSL handshake interrupted by system [Hint: Stop button pressed in browser?!]
1952 [Thu Sep 01 10:50:47 2011] [info] [client x.x.x.x] Connection closed to child 0 with abortive shutdown (server my-server.com:443)
1953 [Thu Sep 01 10:50:47 2011] [info] [client x.x.x.x] (70014)End of file found: SSL handshake interrupted by system [Hint: Stop button pressed in browser?!]
1954 [Thu Sep 01 10:50:47 2011] [info] [client x.x.x.x] Connection closed to child 2 with abortive shutdown (server my-server.com:443)
1955 [Thu Sep 01 10:50:47 2011] [info] [client x.x.x.x] (70014)End of file found: SSL handshake interrupted by system [Hint: Stop button pressed in browser?!]
1956 [Thu Sep 01 10:50:47 2011] [info] [client x.x.x.x] Connection closed to child 4 with abortive shutdown (server my-server.com:443)
1957 [Thu Sep 01 10:50:47 2011] [info] [client x.x.x.x] (70014)End of file found: SSL handshake interrupted by system [Hint: Stop button pressed in browser?!]
1958 [Thu Sep 01 10:50:47 2011] [info] [client x.x.x.x] Connection closed to child 6 with abortive shutdown (server my-server.com:443)
1959 [Thu Sep 01 10:50:47 2011] [info] [client x.x.x.x] (70014)End of file found: SSL handshake interrupted by system [Hint: Stop button pressed in browser?!]
我也有同样的问题。
当我把我的
SSLVerifyClient require
SSLVerifyDepth 1
在指令内<Directory>它很慢,并且我在错误日志中收到重新协商消息。
如果我将这些指令移至顶层(在 下),一切都会像魅力一样工作。
| 归档时间: |
|
| 查看次数: |
7745 次 |
| 最近记录: |