I'm trying to connect to an SSL server from Linux but it does not work.
I need to authenticate with a client certificate from a Windows HTTP client (C# HttpWebRequest) but it does not work.
So I have tried using an internal reverse proxy with Linux/Apache (it does the client authentication) but it does not work. Here is the configuration:
<VirtualHost host:443>
ServerName host:443
# SRV SSL
SSLEngine On
SSLCertificateFile /cert.cer
SSLCertificateKeyFile /cert.key
# REVERSE PROXY
SSLProxyEngine On
ProxyPass / https://host:443/
ProxyPassReverse / https://host:443/
ProxyRequests Off
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
# CLIENT CERT AUTHENTICATION (crt and key concatenated, WITHOUT password)
SSLProxyMachineCertificateFile "/cert.crt.key"
# Log Dev
TransferLog logs/test.ssl_access_log
ErrorLog logs/test.ssl_error_log
# DEBUG
<IfModule mod_ssl.c>
ErrorLog logs/ssl_engine.log
LogLevel debug
</IfModule>
</VirtualHost>
And here is the ssl_engine.log :
[Sat Mar 03 18:23:06.813995 2018] [proxy:debug] [pid 5892] proxy_util.c(2798): AH02824: HTTPS: connection established with xxx.xxx.xxx.xxx:443 (host)
[Sat Mar 03 18:23:06.814011 2018] [proxy:debug] [pid 5892] proxy_util.c(2938): AH00962: HTTPS: connection complete to xxx.xxx.xxx.xxx:443 (host)
[Sat Mar 03 18:23:06.814015 2018] [ssl:info] [pid 5892] [remote xxx.xxx.xxx.xxx:443] AH01964: Connection to child 0 established (server localhost:443)
[Sat Mar 03 18:23:06.844164 2018] [ssl:info] [pid 5892] [remote xxx.xxx.xxx.xxx:443] AH02003: SSL Proxy connect failed
[Sat Mar 03 18:23:06.844212 2018] [ssl:info] [pid 5892] SSL Library Error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
[Sat Mar 03 18:23:06.844219 2018] [ssl:info] [pid 5892] [remote xxx.xxx.xxx.xxx:443] AH01998: Connection closed to child 0 with abortive shutdown (server localhost:443)
[Sat Mar 03 18:23:06.844234 2018] [ssl:info] [pid 5892] [remote xxx.xxx.xxx.xxx:443] AH01997: SSL handshake failed: sending 502
[Sat Mar 03 18:23:06.844250 2018] [proxy_http:error] [pid 5892] (103)Software caused connection abort: [client 172.20.6.150:56860] AH01102: error reading status line from remote server host:443
[Sat Mar 03 18:23:06.844275 2018] [proxy_http:debug] [pid 5892] mod_proxy_http.c(1363): [client 172.20.6.150:56860] AH01105: NOT Closing connection to client although reading from backend server host:443 failed.
[Sat Mar 03 18:23:06.844280 2018] [proxy:error] [pid 5892] [client 172.20.6.150:56860] AH00898: Error reading from remote server returned by /recette/tib/depotGreffe/C0002A0121L091616D20180129H100031TDEDOCPCFEC.zip
[Sat Mar 03 18:23:06.844292 2018] [proxy:debug] [pid 5892] proxy_util.c(2218): AH00943: HTTPS: has released connection for (host)
[Sat Mar 03 18:23:06.844483 2018] [ssl:info] [pid 5892] [client 172.20.6.150:56860] AH01992: SSL library error 1 reading data
[Sat Mar 03 18:23:06.844497 2018] [ssl:info] [pid 5892] SSL Library Error: error:140E0197:SSL routines:SSL_shutdown:shutdown while in init
[Sat Mar 03 18:23:07.054533 2018] [proxy:debug] [pid 5893] proxy_util.c(1843): AH00925: initializing worker https://host/ shared
[Sat Mar 03 18:23:07.054583 2018] [proxy:debug] [pid 5893] proxy_util.c(1885): AH00927: initializing worker https://host/ local
[Sat Mar 03 18:23:07.054597 2018] [proxy:debug] [pid 5893] proxy_util.c(1936): AH00931: initialized single connection worker in child 5893 for (host)
[Sat Mar 03 18:23:11.849565 2018] [ssl:info] [pid 5892] (70007)The timeout specified has expired: [client 172.20.6.150:56860] AH01991: SSL input filter read failed.
[Sat Mar 03 18:23:11.849662 2018] [ssl:debug] [pid 5892] ssl_engine_io.c(993): [client 172.20.6.150:56860] AH02001: Connection closed to child 4 with standard shutdown (server localhost:443)
[Sat Mar 03 18:23:52.003050 2018] [ssl:info] [pid 5888] [client 172.20.7.77:53311] AH01964: Connection to child 0 established (server localhost:443)
[Sat Mar 03 18:23:52.019141 2018] [ssl:debug] [pid 5888] ssl_engine_kernel.c(1823): [client 172.20.7.77:53311] AH02041: Protocol: TLSv1.2, Cipher: ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
[Sat Mar 03 18:23:52.019411 2018] [ssl:debug] [pid 5888] ssl_engine_io.c(993): [client 172.20.7.77:53311] AH02001: Connection closed to child 0 with standard shutdown (server localhost:443)
[Sat Mar 03 18:24:52.001523 2018] [ssl:info] [pid 5889] [client 172.20.7.77:53884] AH01964: Connection to child 1 established (server localhost:443)
[Sat Mar 03 18:24:52.016324 2018] [ssl:debug] [pid 5889] ssl_engine_kernel.c(1823): [client 172.20.7.77:53884] AH02041: Protocol: TLSv1.2, Cipher: ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
[Sat Mar 03 18:24:52.018222 2018] [ssl:debug] [pid 5889] ssl_engine_io.c(993): [client 172.20.7.77:53884] AH02001: Connection closed to child 1 with standard shutdown (server localhost:443)
[Sat Mar 03 18:25:52.000848 2018] [ssl:info] [pid 5890] [client 172.20.7.77:54435] AH01964: Connection to child 2 established (server localhost:443)
[Sat Mar 03 18:25:52.018430 2018] [ssl:debug] [pid 5890] ssl_engine_kernel.c(1823): [client 172.20.7.77:54435] AH02041: Protocol: TLSv1.2, Cipher: ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
[Sat Mar 03 18:25:52.018656 2018] [ssl:debug] [pid 5890] ssl_engine_io.c(993): [client 172.20.7.77:54435] AH02001: Connection closed to child 2 with standard shutdown (server localhost:443)
I have tried many tests with curl (with client auth options) but nothing works:
curl -v -k --cert /cert.crt.key https://host/path
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* NSS error -12286 (SSL_ERROR_NO_CYPHER_OVERLAP)
* Cannot communicate securely with peer: no common encryption algorithm(s).
* Closing connection 0
curl: (35) Cannot communicate securely with peer: no common encryption algorithm(s).
I have dumped the traffic using tcpdump and analysed it with ssldump, and I get a handshake failure (only a client hello but no server hello):
ssldump -nr /trace.cap
New TCP connection #1: 172.20.7.85(44122) <-> xxx.xxx.111.106(443)
1 1 0.1201 (0.1201) C>S Handshake
ClientHello
Version 3.3
cipher suites
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
Unknown value 0xcca9
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Unknown value 0xcca8
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_DSS_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
Unknown value 0xccaa
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_DSS_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_MD5
compression methods
NULL
1 2 0.1507 (0.0305) S>C Alert
level fatal
value handshake_failure
1 0.1508 (0.0000) C>S TCP FIN
1 0.1803 (0.0294) S>C TCP FIN
It seems I never get the "server hello" from the server and so never get the server cipher.
I'm trying with the openssl client like this:
openssl s_client -connect host:443 -cert /mycert.pem -key /mycert.key -debug -state
SSL_connect:SSLv2/v3 write client hello A
read from 0xc48060 [0xc7dc00] (7 bytes => 7 (0x7))
0000 - 15 03 01 00 02 02 28 ......(
SSL3 alert read:fatal:handshake failure
SSL_connect:error in SSLv2/v3 read server hello A
140342855083936:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:769:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 289 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Key-Arg : None
Krb5 Principal: None
PSK identity: None
PSK identity hint: None
Start Time: 1520095823
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
I have also tried with wget :
wget -v -d --secure-protocol=TLSv1 --no-check-certificate --certificate=/cert.pem --private-key=/cert.key https://host
URI encoding = «UTF-8»
Created socket 3.
Releasing 0x0000000002538850 (new refcount 1).
Initiating SSL handshake.
SSL handshake failed.
OpenSSL: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure
Closed fd 3
Incapable d'établir une connexion SSL.
The files are in PEM (base64) format and have no encryption password.
I have added the CA certificates for both the remote SSL server and the client authentication certificate (intranet CA) to the ca-bundle (Red Hat).
It seems to work with Internet Explorer (using only TLS 1.0)!!
Can anyone help me? Can the certificate (SSL server or client auth) be the problem or not (because the handshake stops after 'client hello')?
I'm going to try with Fiddler as an HTTPS proxy server from Windows IE...
Thank you
Related
I am trying to setup the following:
User ---https---> Apache ---http---> Company Proxy ---https---> Third party webserver (nginx)
The Apache must send an SSL client certificate for authentication by the webserver.
I am using Apache 2.4.41 / OpenSSL 1.1.1d.
If I am testing the setup with curl and sending the SSL client cert to the webserver via the company (i.e. bypassing the Apache), it works perfectly. However, if I am using curl to connect to the Apache, it fails.
I have configured (relevant parts only) as an Apache VHost
===
ServerName test1.company.com:5140
SSLEngine on
KeepAlive on
SSLProxyEngine On
SSLProxyCheckPeerCN off
SSLProxyVerify none
SSLProxyCheckPeerName off
SSLProxyCACertificateFile conf/ssl/ca-bundle-proxy.crt
# client certificate (contains unencrypted concatenated private key and server certificate)
SSLProxyMachineCertificateFile ssl.client
ProxyRemote "*" "http://proxy.company.de:8080"
ProxyTimeout 30
Timeout 30
# explicitly required
ProxyPreserveHost Off
<Location /mycontext>
ProxyPass https://www.thirdparty.com:443/mycontext
ProxyPassReverse https://www.thirdparty.com:443/mycontext
</Location>
I get in the logfile (extract):
[Mon Mar 23 14:18:26.150538 2020] [ssl:trace4] [pid 116307:tid 140486627026688] ssl_engine_io.c(2212): [remote proxy.company.com:8080] OpenSSL: read 5/5 bytes from BIO#7fc57000ddb0 [mem: 7fc57002f863] (BIO dump follows)
[Mon Mar 23 14:18:26.150558 2020] [ssl:trace4] [pid 116307:tid 140486627026688] ssl_engine_io.c(2212): [remote proxy.company.com:8080] OpenSSL: read 117/204 bytes from BIO#7fc57000ddb0 [mem: 7fc57002f868] (BIO dump follows)
[Mon Mar 23 14:18:26.165597 2020] [ssl:trace4] [pid 116307:tid 140486627026688] ssl_engine_io.c(2212): [remote proxy.company.com:8080] OpenSSL: read 87/87 bytes from BIO#7fc57000ddb0 [mem: 7fc57002f8dd] (BIO dump follows)
[Mon Mar 23 14:18:26.165643 2020] [ssl:trace3] [pid 116307:tid 140486627026688] ssl_engine_kernel.c(2192): [remote proxy.company.com:8080] OpenSSL: Loop: SSLv3/TLS read server key exchange
[Mon Mar 23 14:18:26.165687 2020] [ssl:debug] [pid 116307:tid 140486627026688] ssl_engine_kernel.c(1943): AH02267: Proxy client certificate callback: (test1.company.com:5140) entered
[Mon Mar 23 14:18:26.165691 2020] [ssl:debug] [pid 116307:tid 140486627026688] ssl_engine_kernel.c(2013): AH02269: Proxy client certificate callback: (test1.company.com:5140) no client certificate found!?
[Mon Mar 23 14:18:26.165708 2020] [ssl:trace3] [pid 116307:tid 140486627026688] ssl_engine_kernel.c(2192): [remote proxy.company.com:8080] OpenSSL: Loop: SSLv3/TLS read server certificate request
[Mon Mar 23 14:18:26.165712 2020] [ssl:trace3] [pid 116307:tid 140486627026688] ssl_engine_kernel.c(2192): [remote proxy.company.com:8080] OpenSSL: Loop: SSLv3/TLS read server done
[Mon Mar 23 14:18:26.165722 2020] [ssl:trace3] [pid 116307:tid 140486627026688] ssl_engine_kernel.c(2192): [remote proxy.company.com:8080] OpenSSL: Loop: SSLv3/TLS write client certificate
[Mon Mar 23 14:18:26.165881 2020] [ssl:trace3] [pid 116307:tid 140486627026688] ssl_engine_kernel.c(2192): [remote proxy.company.com:8080] OpenSSL: Loop: SSLv3/TLS write client key exchange
[Mon Mar 23 14:18:26.165910 2020] [ssl:trace3] [pid 116307:tid 140486627026688] ssl_engine_kernel.c(2192): [remote proxy.company.com:8080] OpenSSL: Loop: SSLv3/TLS write change cipher spec
[Mon Mar 23 14:18:26.165947 2020] [ssl:trace4] [pid 116307:tid 140486627026688] ssl_engine_io.c(2212): [remote proxy.company.com:8080] OpenSSL: write 138/138 bytes to BIO#7fc57000e190 [mem: 7fc57002a5a0] (BIO dump follows)
[Mon Mar 23 14:18:26.235214 2020] [ssl:trace3] [pid 116307:tid 140486627026688] ssl_engine_kernel.c(2192): [remote proxy.company.com:8080] OpenSSL: Loop: SSLv3/TLS read change cipher spec
[Mon Mar 23 14:18:26.235242 2020] [ssl:trace3] [pid 116307:tid 140486627026688] ssl_engine_kernel.c(2192): [remote proxy.company.com:8080] OpenSSL: Loop: SSLv3/TLS read finished
[Mon Mar 23 14:18:26.235254 2020] [ssl:trace3] [pid 116307:tid 140486627026688] ssl_engine_kernel.c(2187): [remote proxy.company.com:8080] OpenSSL: Handshake: done
[Mon Mar 23 14:18:26.235265 2020] [ssl:debug] [pid 116307:tid 140486627026688] ssl_engine_kernel.c(2236): [remote proxy.company.com:8080] AH02041: Protocol: TLSv1.2, Cipher: ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
The output of curl via the Apache :
< HTTP/1.1 400 Bad Request
< Date: Mon, 23 Mar 2020 13:18:26 GMT
< Server: nginx
< Content-Type: text/html
< Content-Length: 246
< Connection: close
<
<html>
<head><title>400 No required SSL certificate was sent</title></head>
Questions:
Why does it say "no client certificate found!?" and "write client certificate" ? It's a little bit confusing.
As far as I know, the exchange of the SSL client certificate is done in the SSL handshake. How can the handshake be completed if there is an error with sending the client cert?
Does anybody have an idea what needs to be changed in the Apache configuration to get this working?
Any help is greatly appreciated.
Thanks
Christian
Why does it say "no client certificate found!?" and "write client certificate" ? It's a little bit confusing.
If the server requested a client certificate the client will send the requested Certificate record. But this might contain nothing (i.e. 0 certificates).
As far as I know, the exchange of the SSL client certificate is done in the SSL handshake. How can the handshake be completed if there is an error with sending the client cert?
A client certificate can be mandatory or optional. The client cannot see if it is mandatory or not, only that a certificate is requested. The server or application might decide to check if the certificate is the expected one after the handshake itself is completed. Only if the handshake is completed can the client send an HTTP request and get an HTTP response with the comparably nice error message. Otherwise the client would just get a strange handshake error.
Does anybody have an idea what needs to be changed in the Apache configuration to get this working?
The config you present actually looks good, but the problem might be in the details. For example, the certificate file might be wrong so that a certificate and key cannot actually be found inside. It is hard to tell without having a look at these kinds of details. Or the certificate does not match the list of CAs the server presented as possible issuers for the client certificate.
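The empty Certificate message described in this answer, as an added example that is not part of the original answer: it encodes and parses the TLS 1.2 Certificate handshake message (RFC 5246 layout, matching the TLSv1.2 session in the log above). `server_outcome` is a hypothetical toy model of the two points at which a server can reject a missing certificate, and the sample inputs are constructed.

```python
# Added illustration (not from the original posts): the TLS 1.2 Certificate
# handshake message, which a client sends even when it has no certificate.

HS_CERTIFICATE = 11  # HandshakeType.certificate in RFC 5246


def _u24(n):
    """Encode an integer as the 3-byte big-endian length TLS uses here."""
    return n.to_bytes(3, "big")


def build_certificate_message(certs):
    """Encode the message a client sends in reply to a CertificateRequest."""
    cert_list = b"".join(_u24(len(c)) + c for c in certs)
    body = _u24(len(cert_list)) + cert_list
    return bytes([HS_CERTIFICATE]) + _u24(len(body)) + body


def parse_certificate_message(msg):
    """Return the certificate blobs in the message; ValueError if malformed."""
    if len(msg) < 7 or msg[0] != HS_CERTIFICATE:
        raise ValueError("not a Certificate handshake message")
    body = msg[4:]
    if int.from_bytes(msg[1:4], "big") != len(body):
        raise ValueError("handshake length does not match body")
    entries = body[3:]
    if int.from_bytes(body[:3], "big") != len(entries):
        raise ValueError("certificate_list length does not match")
    certs, pos = [], 0
    while pos < len(entries):
        if pos + 3 > len(entries):
            raise ValueError("truncated certificate length")
        size = int.from_bytes(entries[pos:pos + 3], "big")
        pos += 3
        if size == 0 or pos + size > len(entries):
            raise ValueError("bad certificate entry")
        certs.append(entries[pos:pos + size])
        pos += size
    return certs


def server_outcome(msg, enforce_in_handshake):
    """Toy model (assumption): where a server rejects a missing certificate.

    Chain validation is not modelled; any non-empty list counts as accepted.
    """
    if parse_certificate_message(msg):
        return "handshake done, request processed"
    if enforce_in_handshake:
        return "fatal alert, handshake aborted"
    return "handshake done, HTTP 400 from application"


# Constructed sample inputs: an empty message and one carrying a fake blob.
EMPTY = build_certificate_message([])
WITH_CERT = build_certificate_message([b"\x30\x03\x02\x01\x01"])  # not a real cert

if __name__ == "__main__":
    print(EMPTY.hex())
    for enforce in (True, False):
        print(enforce, "->", server_outcome(EMPTY, enforce))
    print(server_outcome(WITH_CERT, False))
```

The second outcome for the empty message corresponds to what the question shows: mod_ssl logs "write client certificate", the handshake finishes, and the rejection arrives as an HTTP 400 from nginx.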
This follows my post on https://www to https://no-www redirection.
I have finally managed to generate a wildcard certificate *.website.com, which allows me, with rewrite rules, to redirect from https://www.website.com to https://website.com.
Now I am faced with another issue: my CGI scripts in the cgi-bin directory are not working anymore, for example https://website.com/cgi-bin/awstats.pl
I am using the following rewrite rules to get from https://www.website.com to https://website.com (using the Zope framework behind Apache):
<VirtualHost *:443>
# Name
ServerAdmin admin#website.com
ServerName website.com
ServerAlias www.website.com
# LOG
CustomLog /var/log/apache2/access.log combined
# ACTIVATE SSL
SSLEngine On
SSLCertificateFile /etc/letsencrypt/live/website.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/website.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/website.com/chain.pem
# REWRITE
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/cgi-bin/awstats [NC]
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
RewriteRule ^/(.*) https://localhost:8443/++vh++https:%{SERVER_NAME}:443/++/$1 [P,L]
SSLProxyEngine On
RequestHeader set Front-End-Https "On"
#CacheDisable *
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
Alias /awstatsclasses "/usr/share/awstats/lib/"
Alias /awstats-icon "/usr/share/awstats/icon/"
Alias /awstatscss "/usr/share/doc/awstats/examples/css"
<Directory "/usr/lib/cgi-bin/">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
SSLRequireSSL
</Directory>
</VirtualHost>
<VirtualHost *:80>
ServerAdmin admin#website.com
ServerName website.com
ServerAlias www.website.com
RewriteCond %{REQUEST_URI} ^/www\. [NC,OR]
RewriteCond %{REQUEST_URI} !^/podcast [NC]
# Rewrite below works : redirect 80 => https
RewriteRule ^/(.*) https://website.com/$1 [R=301,L]
# For Zope
RewriteRule ^/(.*) http://localhost:9674/++vh++http:%{SERVER_NAME}:80/++/$1 [P,L]
</IfModule>
</VirtualHost>
It's pretty tricky, but the result is that if I type https://website.com/cgi-bin/awstats.pl, I get the equivalent of an Apache2 404 error, but coming from Zope.
How can I make my CGI scripts work again?
It's frustrating: following the previous post, I have fixed the redirection from https://www.website.com to https://website.com, but now the CGI scripts are no longer accessible.
Before the modifications for the redirection from https://www to https://no-www, the scripts were available. I don't understand where it could come from.
Update 1
Output of Apache2:
[Sun Mar 01 10:49:33.445944 2020] [ssl:debug] [pid 9866] ssl_engine_kernel.c(383): [client 91.171.129.151:7825] AH02034: Subsequent (No.7) HTTPS request received for child 7 (server website.com:443), referer: https://website.com/style/style2.css
[Sun Mar 01 10:49:33.445986 2020] [authz_core:debug] [pid 9866] mod_authz_core.c(846): [client 91.171.129.151:7825] AH01628: authorization result: granted (no directives), referer: https://website.com/style/style2.css
[Sun Mar 01 10:49:33.446022 2020] [proxy:debug] [pid 9866] mod_proxy.c(1249): [client 91.171.129.151:7825] AH01143: Running scheme https handler (attempt 0), referer: https://website.com/style/style2.css
[Sun Mar 01 10:49:33.446032 2020] [proxy:debug] [pid 9866] proxy_util.c(2316): AH00942: HTTPS: has acquired connection for (*)
[Sun Mar 01 10:49:33.446041 2020] [proxy:debug] [pid 9866] proxy_util.c(2369): [client 91.171.129.151:7825] AH00944: connecting https://localhost:8443/++vh++https:website.com:443/++/images/up-arrow.png to localhost:8443, referer: https://website.com/style/style2.css
[Sun Mar 01 10:49:33.446204 2020] [proxy:debug] [pid 9866] proxy_util.c(2578): [client 91.171.129.151:7825] AH00947: connected /++vh++https:website.com:443/++/images/up-arrow.png to localhost:8443, referer: https://website.com/style/style2.css
[Sun Mar 01 10:49:33.446288 2020] [proxy:debug] [pid 9866] proxy_util.c(3047): AH02824: HTTPS: connection established with 127.0.0.1:8443 (*)
[Sun Mar 01 10:49:33.446307 2020] [proxy:debug] [pid 9866] proxy_util.c(3215): AH00962: HTTPS: connection complete to 127.0.0.1:8443 (localhost)
[Sun Mar 01 10:49:33.446320 2020] [ssl:info] [pid 9866] [remote 127.0.0.1:8443] AH01964: Connection to child 0 established (server website.com:443)
[Sun Mar 01 10:49:33.454637 2020] [proxy:debug] [pid 9865] proxy_util.c(2331): AH00943: *: has released connection for (*)
[Sun Mar 01 10:49:33.454721 2020] [ssl:debug] [pid 9865] ssl_engine_io.c(1106): [remote 127.0.0.1:8443] AH02001: Connection closed to child 0 with standard shutdown (server website.com:443)
[Sun Mar 01 10:49:33.454772 2020] [proxy:debug] [pid 9865] proxy_util.c(3154): [remote 127.0.0.1:8443] AH02642: proxy: connection shutdown
[Sun Mar 01 10:49:33.459030 2020] [proxy:debug] [pid 9851] proxy_util.c(2331): AH00943: *: has released connection for (*)
[Sun Mar 01 10:49:33.459109 2020] [ssl:debug] [pid 9851] ssl_engine_io.c(1106): [remote 127.0.0.1:8443] AH02001: Connection closed to child 0 with standard shutdown (server website.com:443)
[Sun Mar 01 10:49:33.459144 2020] [ssl:debug] [pid 9866] ssl_engine_kernel.c(1740): [remote 127.0.0.1:8443] AH02275: Certificate Verification, depth 0, CRL checking mode: none (0) [subject: CN=website.com / issuer: CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US / serial: 033E19116893A728CDC809BA511D98069F7E / notbefore: Jun 29 23:22:00 2017 GMT / notafter: Sep 27 23:22:00 2017 GMT]
[Sun Mar 01 10:49:33.459161 2020] [proxy:debug] [pid 9851] proxy_util.c(3154): [remote 127.0.0.1:8443] AH02642: proxy: connection shutdown
[Sun Mar 01 10:49:33.459193 2020] [ssl:debug] [pid 9866] ssl_engine_kernel.c(1740): [remote 127.0.0.1:8443] AH02275: Certificate Verification, depth 0, CRL checking mode: none (0) [subject: CN=website.com / issuer: CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US / serial: 033E19116893A728CDC809BA511D98069F7E / notbefore: Jun 29 23:22:00 2017 GMT / notafter: Sep 27 23:22:00 2017 GMT]
[Sun Mar 01 10:49:33.463339 2020] [ssl:debug] [pid 9866] ssl_engine_kernel.c(2235): [remote 127.0.0.1:8443] AH02041: Protocol: TLSv1, Cipher: AES256-SHA (256/256 bits)
[Sun Mar 01 10:49:33.463411 2020] [proxy:debug] [pid 9853] proxy_util.c(2331): AH00943: *: has released connection for (*)
[Sun Mar 01 10:49:33.463486 2020] [ssl:debug] [pid 9853] ssl_engine_io.c(1106): [remote 127.0.0.1:8443] AH02001: Connection closed to child 0 with standard shutdown (server website.com:443)
[Sun Mar 01 10:49:33.463534 2020] [proxy:debug] [pid 9853] proxy_util.c(3154): [remote 127.0.0.1:8443] AH02642: proxy: connection shutdown
[Sun Mar 01 10:49:33.471527 2020] [proxy:debug] [pid 9866] proxy_util.c(2331): AH00943: *: has released connection for (*)
[Sun Mar 01 10:49:33.471590 2020] [ssl:debug] [pid 9866] ssl_engine_io.c(1106): [remote 127.0.0.1:8443] AH02001: Connection closed to child 0 with standard shutdown (server website.com:443)
[Sun Mar 01 10:49:33.471627 2020] [proxy:debug] [pid 9866] proxy_util.c(3154): [remote 127.0.0.1:8443] AH02642: proxy: connection shutdown
[Sun Mar 01 10:49:33.511179 2020] [ssl:debug] [pid 9853] ssl_engine_kernel.c(383): [client 91.171.129.151:7821] AH02034: Subsequent (No.8) HTTPS request received for child 4 (server website.com:443)
[Sun Mar 01 10:49:33.511249 2020] [authz_core:debug] [pid 9853] mod_authz_core.c(846): [client 91.171.129.151:7821] AH01628: authorization result: granted (no directives)
[Sun Mar 01 10:49:33.511303 2020] [proxy:debug] [pid 9853] mod_proxy.c(1249): [client 91.171.129.151:7821] AH01143: Running scheme https handler (attempt 0)
[Sun Mar 01 10:49:33.511332 2020] [proxy:debug] [pid 9853] proxy_util.c(2316): AH00942: HTTPS: has acquired connection for (*)
[Sun Mar 01 10:49:33.511343 2020] [proxy:debug] [pid 9853] proxy_util.c(2369): [client 91.171.129.151:7821] AH00944: connecting https://localhost:8443/++vh++https:website.com:443/++/favicon.ico to localhost:8443
[Sun Mar 01 10:49:33.511551 2020] [proxy:debug] [pid 9853] proxy_util.c(2578): [client 91.171.129.151:7821] AH00947: connected /++vh++https:website.com:443/++/favicon.ico to localhost:8443
[Sun Mar 01 10:49:33.511670 2020] [proxy:debug] [pid 9853] proxy_util.c(3047): AH02824: HTTPS: connection established with 127.0.0.1:8443 (*)
[Sun Mar 01 10:49:33.511696 2020] [proxy:debug] [pid 9853] proxy_util.c(3215): AH00962: HTTPS: connection complete to 127.0.0.1:8443 (localhost)
[Sun Mar 01 10:49:33.511713 2020] [ssl:info] [pid 9853] [remote 127.0.0.1:8443] AH01964: Connection to child 0 established (server website.com:443)
[Sun Mar 01 10:49:33.512494 2020] [ssl:debug] [pid 9853] ssl_engine_kernel.c(1740): [remote 127.0.0.1:8443] AH02275: Certificate Verification, depth 0, CRL checking mode: none (0) [subject: CN=website.com / issuer: CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US / serial: 033E19116893A728CDC809BA511D98069F7E / notbefore: Jun 29 23:22:00 2017 GMT / notafter: Sep 27 23:22:00 2017 GMT]
[Sun Mar 01 10:49:33.512541 2020] [ssl:debug] [pid 9853] ssl_engine_kernel.c(1740): [remote 127.0.0.1:8443] AH02275: Certificate Verification, depth 0, CRL checking mode: none (0) [subject: CN=website.com / issuer: CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US / serial: 033E19116893A728CDC809BA511D98069F7E / notbefore: Jun 29 23:22:00 2017 GMT / notafter: Sep 27 23:22:00 2017 GMT]
[Sun Mar 01 10:49:33.517345 2020] [ssl:debug] [pid 9853] ssl_engine_kernel.c(2235): [remote 127.0.0.1:8443] AH02041: Protocol: TLSv1, Cipher: AES256-SHA (256/256 bits)
[Sun Mar 01 10:49:33.525382 2020] [proxy:debug] [pid 9853] proxy_util.c(2331): AH00943: *: has released connection for (*)
[Sun Mar 01 10:49:33.525443 2020] [ssl:debug] [pid 9853] ssl_engine_io.c(1106): [remote 127.0.0.1:8443] AH02001: Connection closed to child 0 with standard shutdown (server website.com:443)
[Sun Mar 01 10:49:33.525476 2020] [proxy:debug] [pid 9853] proxy_util.c(3154): [remote 127.0.0.1:8443] AH02642: proxy: connection shutdown
[Sun Mar 01 10:49:34.109743 2020] [watchdog:debug] [pid 9869] mod_watchdog.c(567): AH02980: Watchdog: nothing configured?
[Sun Mar 01 10:49:34.109885 2020] [proxy:debug] [pid 9869] proxy_util.c(1924): AH00925: initializing worker proxy:reverse shared
[Sun Mar 01 10:49:34.109901 2020] [proxy:debug] [pid 9869] proxy_util.c(1981): AH00927: initializing worker proxy:reverse local
[Sun Mar 01 10:49:34.109955 2020] [proxy:debug] [pid 9869] proxy_util.c(2032): AH00931: initialized single connection worker in child 9869 for (*)
[Sun Mar 01 10:49:34.110492 2020] [watchdog:debug] [pid 9870] mod_watchdog.c(567): AH02980: Watchdog: nothing configured?
[Sun Mar 01 10:49:34.110610 2020] [proxy:debug] [pid 9870] proxy_util.c(1924): AH00925: initializing worker proxy:reverse shared
[Sun Mar 01 10:49:34.110625 2020] [proxy:debug] [pid 9870] proxy_util.c(1981): AH00927: initializing worker proxy:reverse local
[Sun Mar 01 10:49:34.110674 2020] [proxy:debug] [pid 9870] proxy_util.c(2032): AH00931: initialized single connection worker in child 9870 for (*)
[Sun Mar 01 10:49:48.437276 2020] [ssl:debug] [pid 9864] ssl_engine_io.c(1106): [client 91.171.129.151:7823] AH02001: Connection closed to child 5 with standard shutdown (server website.com:443)
[Sun Mar 01 10:49:48.438985 2020] [ssl:debug] [pid 9849] ssl_engine_io.c(1106): [client 91.171.129.151:7822] AH02001: Connection closed to child 0 with standard shutdown (server website.com:443)
[Sun Mar 01 10:49:48.467248 2020] [ssl:debug] [pid 9865] ssl_engine_io.c(1106): [client 91.171.129.151:7824] AH02001: Connection closed to child 6 with standard shutdown (server website.com:443)
[Sun Mar 01 10:49:48.470814 2020] [ssl:debug] [pid 9851] ssl_engine_io.c(1106): [client 91.171.129.151:7820] AH02001: Connection closed to child 2 with standard shutdown (server website.com:443)
[Sun Mar 01 10:49:48.478015 2020] [ssl:debug] [pid 9866] ssl_engine_io.c(1106): [client 91.171.129.151:7825] AH02001: Connection closed to child 7 with standard shutdown (server website.com:443)
[Sun Mar 01 10:49:48.539212 2020] [ssl:debug] [pid 9853] ssl_engine_io.c(1106): [client 91.171.129.151:7821] AH02001: Connection closed to child 4 with standard shutdown (server website.com:443)
[Sun Mar 01 10:49:56.282123 2020] [ssl:info] [pid 9852] [client 127.0.0.1:49482] AH01964: Connection to child 3 established (server website.com:443)
[Sun Mar 01 10:49:56.282356 2020] [ssl:debug] [pid 9852] ssl_engine_kernel.c(2319): [client 127.0.0.1:49482] AH02043: SSL virtual host for servername website.com found
[Sun Mar 01 10:49:56.282407 2020] [ssl:debug] [pid 9852] ssl_engine_kernel.c(2319): [client 127.0.0.1:49482] AH02043: SSL virtual host for servername website.com found
[Sun Mar 01 10:49:56.282418 2020] [core:debug] [pid 9852] protocol.c(2314): [client 127.0.0.1:49482] AH03155: select protocol from , choices=h2,http/1.1 for server website.com
[Sun Mar 01 10:49:56.296616 2020] [ssl:debug] [pid 9852] ssl_engine_kernel.c(2235): [client 127.0.0.1:49482] AH02041: Protocol: TLSv1.2, Cipher: ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
[Sun Mar 01 10:49:56.296936 2020] [ssl:debug] [pid 9852] ssl_engine_kernel.c(383): [client 127.0.0.1:49482] AH02034: Initial (No.1) HTTPS request received for child 3 (server website.com:443)
[Sun Mar 01 10:49:56.297023 2020] [authz_core:debug] [pid 9852] mod_authz_core.c(846): [client 127.0.0.1:49482] AH01628: authorization result: granted (no directives)
[Sun Mar 01 10:49:56.297087 2020] [proxy:debug] [pid 9852] mod_proxy.c(1249): [client 127.0.0.1:49482] AH01143: Running scheme https handler (attempt 0)
[Sun Mar 01 10:49:56.297101 2020] [proxy:debug] [pid 9852] proxy_util.c(2316): AH00942: HTTPS: has acquired connection for (*)
[Sun Mar 01 10:49:56.297113 2020] [proxy:debug] [pid 9852] proxy_util.c(2369): [client 127.0.0.1:49482] AH00944: connecting https://localhost:8443/++vh++https:website.com:443/++/index.html to localhost:8443
[Sun Mar 01 10:49:56.297467 2020] [proxy:debug] [pid 9852] proxy_util.c(2578): [client 127.0.0.1:49482] AH00947: connected /++vh++https:website.com:443/++/index.html to localhost:8443
[Sun Mar 01 10:49:56.297696 2020] [proxy:debug] [pid 9852] proxy_util.c(3047): AH02824: HTTPS: connection established with 127.0.0.1:8443 (*)
[Sun Mar 01 10:49:56.297722 2020] [proxy:debug] [pid 9852] proxy_util.c(3215): AH00962: HTTPS: connection complete to 127.0.0.1:8443 (localhost)
[Sun Mar 01 10:49:56.297739 2020] [ssl:info] [pid 9852] [remote 127.0.0.1:8443] AH01964: Connection to child 0 established (server website.com:443)
[Sun Mar 01 10:49:56.298590 2020] [ssl:debug] [pid 9852] ssl_engine_kernel.c(1740): [remote 127.0.0.1:8443] AH02275: Certificate Verification, depth 0, CRL checking mode: none (0) [subject: CN=website.com / issuer: CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US / serial: 033E19116893A728CDC809BA511D98069F7E / notbefore: Jun 29 23:22:00 2017 GMT / notafter: Sep 27 23:22:00 2017 GMT]
[Sun Mar 01 10:49:56.298625 2020] [ssl:debug] [pid 9852] ssl_engine_kernel.c(1740): [remote 127.0.0.1:8443] AH02275: Certificate Verification, depth 0, CRL checking mode: none (0) [subject: CN=website.com / issuer: CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US / serial: 033E19116893A728CDC809BA511D98069F7E / notbefore: Jun 29 23:22:00 2017 GMT / notafter: Sep 27 23:22:00 2017 GMT]
[Sun Mar 01 10:49:56.303513 2020] [ssl:debug] [pid 9852] ssl_engine_kernel.c(2235): [remote 127.0.0.1:8443] AH02041: Protocol: TLSv1, Cipher: AES256-SHA (256/256 bits)
[Sun Mar 01 10:49:56.312046 2020] [proxy:debug] [pid 9852] proxy_util.c(2331): AH00943: *: has released connection for (*)
[Sun Mar 01 10:49:56.312139 2020] [ssl:debug] [pid 9852] ssl_engine_io.c(1106): [remote 127.0.0.1:8443] AH02001: Connection closed to child 0 with standard shutdown (server website.com:443)
[Sun Mar 01 10:49:56.312204 2020] [proxy:debug] [pid 9852] proxy_util.c(3154): [remote 127.0.0.1:8443] AH02642: proxy: connection shutdown
[Sun Mar 01 10:49:56.312461 2020] [ssl:debug] [pid 9852] ssl_engine_io.c(1106): [client 127.0.0.1:49482] AH02001: Connection closed to child 3 with standard shutdown (server website.com:443)
And output of Zope:
127.0.0.1 - - [01/Mar/2020:10:49:01 +0200] "GET /++vh++https:www.website.com:443/++/cgi-bin/awstats.pl HTTP/1.1" 404 102 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:73.0) Gecko/20100101 Firefox/73.0"
Update 2
Some interesting results to fix my issue:
If I do: 1)
<VirtualHost *:443>
...
# REWRITE
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/cgi-bin/awstats [NC]
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^/(.*) https://website.com/$1 [R=301,L]
RewriteRule ^/(.*) https://localhost:8443/++vh++https:%{SERVER_NAME}:443/++/$1 [P,L]
...
</VirtualHost>
Then the redirection from https://www to https:// is achieved correctly, but CGI scripts generate a Zope error.
If I do: 2) (remove the line:
`RewriteRule ^/(.*) https://website.com/$1 [R=301,L]`)
i.e.:
<VirtualHost *:443>
...
# REWRITE
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/cgi-bin/awstats [NC]
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^/(.*) https://localhost:8443/++vh++https:%{SERVER_NAME}:443/++/$1 [P,L]
...
</VirtualHost>
Then the redirection from https://www to https:// is not achieved, but CGI scripts are available by typing https://website.com/cgi-bin/awstats.pl in the browser.
How could I combine these 2 different configurations in order to have redirection and CGI scripts available at the same time?
What you're missing in your workarounds is that the RewriteConds only associate with the single RewriteRule that immediately follows.
If you want to skip the redirect to Zope when the CGI is requested, exclude that particular RewriteRule by preceding it with a condition:
RewriteCond %{REQUEST_URI} !^/cgi-bin/awstats
# existing rule from Question
RewriteRule ^/(.*) https://localhost:8443/++vh++https:%{SERVER_NAME}:443/++/$1 [P,L]
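The scoping rule from the answer above, modelled as an added example (not code from the question or the answer): a small Python evaluator that attaches each RewriteCond list to exactly one rule and runs the two attempts and the answer's suggestion over sample requests. It assumes per-vhost matching, treats `%{SERVER_NAME}` as the Host header, and supports only the `R` and `P` outcomes; the names `Cond`, `Rule` and `evaluate` are hypothetical.

```python
import re
from dataclasses import dataclass, field


@dataclass
class Cond:
    variable: str            # "REQUEST_URI" or "HTTP_HOST"
    pattern: str             # regex; a leading "!" negates, as in mod_rewrite
    nocase: bool = False     # the [NC] flag


@dataclass
class Rule:
    pattern: str
    substitution: str
    flags: tuple
    # Only the RewriteCond lines written directly above THIS rule.
    conds: list = field(default_factory=list)


def cond_passes(cond, env):
    negate = cond.pattern.startswith("!")
    regex = cond.pattern[1:] if negate else cond.pattern
    hit = re.search(regex, env[cond.variable], re.I if cond.nocase else 0) is not None
    return hit != negate


def evaluate(rules, host, uri):
    """Return (action, target): 'redirect', 'proxy', or 'local' (Apache serves it)."""
    # Simplification: SERVER_NAME is taken from the Host header.
    env = {"REQUEST_URI": uri, "HTTP_HOST": host, "SERVER_NAME": host}
    for rule in rules:
        m = re.search(rule.pattern, uri)
        if not m:
            continue
        # Conditions are checked only for the rule they precede.
        if not all(cond_passes(c, env) for c in rule.conds):
            continue
        target = rule.substitution.replace("%{SERVER_NAME}", env["SERVER_NAME"])
        for i, group in enumerate(m.groups(), 1):
            target = target.replace(f"${i}", group or "")
        if any(f.startswith("R") for f in rule.flags):
            return ("redirect", target)
        if "P" in rule.flags:
            return ("proxy", target)
    return ("local", uri)


NOT_AWSTATS = Cond("REQUEST_URI", r"!^/cgi-bin/awstats", nocase=True)
IS_WWW = Cond("HTTP_HOST", r"^www\.(.*)$", nocase=True)
REDIRECT = ("^/(.*)", "https://website.com/$1", ("R=301", "L"))
PROXY = ("^/(.*)",
         "https://localhost:8443/++vh++https:%{SERVER_NAME}:443/++/$1",
         ("P", "L"))

# Attempt 1: both conditions guard the redirect only; the proxy rule is unguarded.
ATTEMPT_1 = [Rule(*REDIRECT, conds=[NOT_AWSTATS, IS_WWW]), Rule(*PROXY)]
# Attempt 2: redirect removed, so both conditions now guard the proxy rule.
ATTEMPT_2 = [Rule(*PROXY, conds=[NOT_AWSTATS, IS_WWW])]
# Answer's suggestion: keep attempt 1 and repeat the awstats exclusion before the proxy rule.
COMBINED = [Rule(*REDIRECT, conds=[NOT_AWSTATS, IS_WWW]),
            Rule(*PROXY, conds=[NOT_AWSTATS])]

# Constructed sample requests (host, path).
SAMPLES = [("www.website.com", "/news"),
           ("website.com", "/news"),
           ("website.com", "/cgi-bin/awstats.pl"),
           ("www.website.com", "/cgi-bin/awstats.pl")]

if __name__ == "__main__":
    for name, rules in (("attempt 1", ATTEMPT_1), ("attempt 2", ATTEMPT_2),
                        ("combined", COMBINED)):
        for host, uri in SAMPLES:
            print(f"{name:10} {host:16} {uri:22} -> {evaluate(rules, host, uri)}")
```

In attempt 1 the awstats request falls through to the unguarded proxy rule and reaches Zope under the same `++vh++` path that appears in the Zope access log above.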
In my Apache web server there is a path where clients must authenticate with a valid certificate.
Sometimes there is a client (a SOAP web service) that can't connect, my Apache returns 403 "sslv3 alert bad certificate (SSL alert number 42) -- Subject CN in certificate not server name or identical to CA!?" and I need to check why and which certificate it is using.
I set up trace3 log level for mod_ssl and a custom log like this:
CustomLog /var/log/httpd-ssl.log "%t %h \"%{User-agent}i\" %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %>s \"%{SSL_CLIENT_S_DN_CN}x\" <<<%{SSL_CLIENT_CERT}x>>>"
<IfModule mod_ssl.c>
ErrorLog /var/log/apache2/ssl_engine.log
LogLevel trace3
</IfModule>
In the first log file I can see all the information for clients that can connect, but when the client fails the useful information isn't there:
[16/Feb/2019:11:01:43 +0100] XXX.XXX.XXX.XXX "IBM WebServices/1.0" - - "POST MYSECRETPATH HTTP/1.1" 403 "-" <<<->>>
In the second one I can see some information like:
[Thu Feb 21 13:57:55.288418 2019] [ssl:debug] [pid 99609] ssl_engine_kernel.c(359): [client xxx.xxx.xxx.xxx:56892] AH02034: Initial (No.1) HTTPS request received for child 5 (server XXX.XXX.XXX:443)
[Thu Feb 21 13:57:55.288591 2019] [ssl:debug] [pid 99609] ssl_engine_kernel.c(743): [client xxx.xxx.xxx.xxx:56892] AH02255: Changed client verification type will force renegotiation
[Thu Feb 21 13:57:55.557866 2019] [ssl:info] [pid 99609] [client xxx.xxx.xxx.xxx:56892] AH02221: Requesting connection re-negotiation
[Thu Feb 21 13:57:55.557902 2019] [ssl:debug] [pid 99609] ssl_engine_kernel.c(970): [client xxx.xxx.xxx.xxx:56892] AH02260: Performing full renegotiation: complete handshake protocol (client does support secure renegotiation)
[Thu Feb 21 13:57:55.557919 2019] [ssl:trace3] [pid 99609] ssl_engine_kernel.c(1988): [client xxx.xxx.xxx.xxx:56892] OpenSSL: Handshake: start
[Thu Feb 21 13:57:55.557932 2019] [ssl:trace3] [pid 99609] ssl_engine_kernel.c(1996): [client xxx.xxx.xxx.xxx:56892] OpenSSL: Loop: SSL renegotiate ciphers
[Thu Feb 21 13:57:55.557948 2019] [ssl:trace3] [pid 99609] ssl_engine_kernel.c(1996): [client xxx.xxx.xxx.xxx:56892] OpenSSL: Loop: SSLv3 write hello request A
[Thu Feb 21 13:57:55.557978 2019] [ssl:trace3] [pid 99609] ssl_engine_kernel.c(1996): [client xxx.xxx.xxx.xxx:56892] OpenSSL: Loop: SSLv3 flush data
[Thu Feb 21 13:57:55.557986 2019] [ssl:trace3] [pid 99609] ssl_engine_kernel.c(1996): [client xxx.xxx.xxx.xxx:56892] OpenSSL: Loop: SSLv3 write hello request C
[Thu Feb 21 13:57:55.557996 2019] [ssl:info] [pid 99609] [client xxx.xxx.xxx.xxx:56892] AH02226: Awaiting re-negotiation handshake
[Thu Feb 21 13:57:55.558005 2019] [ssl:trace3] [pid 99609] ssl_engine_kernel.c(1988): [client xxx.xxx.xxx.xxx:56892] OpenSSL: Handshake: start
[Thu Feb 21 13:57:55.558016 2019] [ssl:trace3] [pid 99609] ssl_engine_kernel.c(1996): [client xxx.xxx.xxx.xxx:56892] OpenSSL: Loop: before accept initialization
[Thu Feb 21 13:57:55.590106 2019] [ssl:debug] [pid 99609] ssl_engine_kernel.c(2141): [client xxx.xxx.xxx.xxx:56892] AH02645: Server name not provided via TLS extension (using default/first virtual host)
[Thu Feb 21 13:57:55.590134 2019] [ssl:trace3] [pid 99609] ssl_engine_kernel.c(1996): [client xxx.xxx.xxx.xxx:56892] OpenSSL: Loop: SSLv3 read client hello A
[Thu Feb 21 13:57:55.590146 2019] [ssl:trace3] [pid 99609] ssl_engine_kernel.c(1996): [client xxx.xxx.xxx.xxx:56892] OpenSSL: Loop: SSLv3 write server hello A
[Thu Feb 21 13:57:55.590177 2019] [ssl:trace3] [pid 99609] ssl_engine_kernel.c(1996): [client xxx.xxx.xxx.xxx:56892] OpenSSL: Loop: SSLv3 write certificate A
[Thu Feb 21 13:57:55.590190 2019] [ssl:trace3] [pid 99609] ssl_engine_kernel.c(1996): [client xxx.xxx.xxx.xxx:56892] OpenSSL: Loop: SSLv3 write certificate request A
[Thu Feb 21 13:57:55.590217 2019] [ssl:trace3] [pid 99609] ssl_engine_kernel.c(1996): [client xxx.xxx.xxx.xxx:56892] OpenSSL: Loop: SSLv3 flush data
[Thu Feb 21 13:57:55.887495 2019] [ssl:trace3] [pid 99609] ssl_engine_kernel.c(2001): [client xxx.xxx.xxx.xxx:56892] OpenSSL: Read: SSLv3 read client certificate A
[Thu Feb 21 13:57:55.887530 2019] [ssl:trace3] [pid 99609] ssl_engine_kernel.c(2020): [client xxx.xxx.xxx.xxx:56892] OpenSSL: Exit: failed in SSLv3 read client certificate A
[Thu Feb 21 13:57:55.887538 2019] [ssl:error] [pid 99609] [client xxx.xxx.xxx.xxx:56892] AH02261: Re-negotiation handshake failed
[Thu Feb 21 13:57:55.887567 2019] [ssl:error] [pid 99609] SSL Library Error: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate (SSL alert number 42) -- Subject CN in certificate not server name or identical to CA!?
[Thu Feb 21 13:57:55.887578 2019] [core:trace3] [pid 99609] request.c(117): [client xxx.xxx.xxx.xxx:56892] auth phase 'check access (with Satisfy All)' gave status 403: /my/secret/path
[Thu Feb 21 13:57:55.887611 2019] [http:trace3] [pid 99609] http_filters.c(1003): [client xxx.xxx.xxx.xxx:56892] Response sent with status 403
But there isn't anything really useful.
I want to log/write the certificate that Apache is reading and not accepting. How can I log it?
You can enable SSL debugging logs in your Application Server JVM config by adding the following JVM command line parameter and restarting the Application Server:
-Djavax.net.debug=all
Depending on your WAS version, adding the above parameter is typically done by navigating to WAS Admin Console > Servers > Application Servers > YourServer > Process Management > Java Virtual Machine > Generic JVM arguments
I've run into a problem using mod_proxy/mod_ssl. The Apache HTTP server on SLES 11 SP3 64 bit, OpenSSL 1.0.1.f acts as SSL proxy to the Weblogic 10.3 running on Redhat. The mod_ssl is configured correctly - it works when proxying to non-SSL servers. Also, the certificate on the proxy was issued with extensions allowing it to be used as both SSL client and server.
Due to regulations, servers in this organisation are not allowed insecure communication, so the proxy must use SSL when communicating with the application servers.
The problem occurs with the SSL handshake between Apache and Weblogic. Perhaps they can't agree on ciphers? What do those 7 bytes received indicate?
[Thu Sep 18 09:32:14 2014] [debug] mod_proxy.c(1036): Running scheme https handler (attempt 0)
[Thu Sep 18 09:32:14 2014] [debug] mod_proxy_http.c(1995): proxy: HTTP: serving URL https://appdev2.example.com:8102/auth/logon.jsp?aa_param=user
[Thu Sep 18 09:32:14 2014] [debug] proxy_util.c(2022): proxy: HTTPS: has acquired connection for (appdev2.example.com)
[Thu Sep 18 09:32:14 2014] [debug] proxy_util.c(2078): proxy: connecting https://appdev2.example.com:8102/auth/logon.jsp?aa_param=user to appdev2.example.com:8102
[Thu Sep 18 09:32:14 2014] [debug] proxy_util.c(2236): proxy: connected /auth/logon.jsp?aa_param=user to appdev2.example.com:8102
[Thu Sep 18 09:32:14 2014] [debug] proxy_util.c(2487): proxy: HTTPS: fam 2 socket created to connect to appdev2.example.com
[Thu Sep 18 09:32:14 2014] [debug] proxy_util.c(2619): proxy: HTTPS: connection complete to 10.40.0.224:8102 (appdev2.example.com)
[Thu Sep 18 09:32:14 2014] [info] [client 10.40.0.224] Connection to child 0 established (server aaproxiedel1:443)
[Thu Sep 18 09:32:14 2014] [info] Seeding PRNG with 144 bytes of entropy
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_io.c(1090): [client 10.40.0.224] SNI extension for SSL Proxy request set to 'appdev2.example.com'
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_kernel.c(1903): OpenSSL: Handshake: start
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_kernel.c(1911): OpenSSL: Loop: before/connect initialization
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_kernel.c(1911): OpenSSL: Loop: SSLv2/v3 write client hello A
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_io.c(1939): OpenSSL: read 7/7 bytes from BIO#994fe0 [mem: 9ea880] (BIO dump follows)
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_io.c(1872): +-------------------------------------------------------------------------+
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_io.c(1911): | 0000: 15 03 00 00 02 02 28 ......( |
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_io.c(1917): +-------------------------------------------------------------------------+
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_kernel.c(1916): OpenSSL: Read: SSLv2/v3 read server hello A
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_kernel.c(1940): OpenSSL: Exit: error in SSLv2/v3 read server hello A
[Thu Sep 18 09:32:14 2014] [info] [client 10.40.0.224] SSL Proxy connect failed
[Thu Sep 18 09:32:14 2014] [info] SSL Library Error: 336032784 error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
[Thu Sep 18 09:32:14 2014] [info] [client 10.40.0.224] Connection closed to child 0 with abortive shutdown (server aaproxiedel1:443)
[Thu Sep 18 09:32:14 2014] [error] (502)Unknown error 502: proxy: pass request body failed to 10.40.0.224:8102 (appdev2.example.com)
[Thu Sep 18 09:32:14 2014] [error] [client 141.1.3.134] proxy: Error during SSL Handshake with remote server returned by /auth/logon.jsp
[Thu Sep 18 09:32:14 2014] [error] proxy: pass request body failed to 10.40.0.224:8102 (appdev2.example.com) from 141.1.3.134 ()
[Thu Sep 18 09:32:14 2014] [debug] proxy_util.c(2040): proxy: HTTPS: has released connection for (appdev2.example.com)
[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_kernel.c(1921): OpenSSL: Write: SSL negotiation finished successfully
[Thu Sep 18 09:32:14 2014] [info] [client 141.1.3.134] Connection closed to child 2 with standard shutdown (server aaproxiedel1:443)
One of the things you can try is enabling "the WebLogic Plugin". This is in the Domain -> Configuration -> Web Applications and server -> General -> Advanced. This enables all WebLogic-related plugins to work.
If this doesn't fix it, try to enable tunneling in protocols.
What do you see on the Weblogic logs? Both Access and the server log file?
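On the question's "7 bytes": the BIO dump row is a TLS record header followed by a two-byte alert. The decoder below is an added example (not from the question or the answer) that reads such a row and names the alert; it also names alert 42 from the earlier client-certificate log. Function names are hypothetical and the alert names follow the TLS 1.2 and SSL 3.0 specifications.

```python
import re
import struct

CONTENT_ALERT = 21  # record content type 0x15
VERSIONS = {0x0300: "SSL 3.0", 0x0301: "TLS 1.0", 0x0302: "TLS 1.1", 0x0303: "TLS 1.2"}
LEVELS = {1: "warning", 2: "fatal"}
DESCRIPTIONS = {
    0: "close_notify", 10: "unexpected_message", 20: "bad_record_mac",
    21: "decryption_failed", 22: "record_overflow", 30: "decompression_failure",
    40: "handshake_failure", 41: "no_certificate", 42: "bad_certificate",
    43: "unsupported_certificate", 44: "certificate_revoked",
    45: "certificate_expired", 46: "certificate_unknown", 47: "illegal_parameter",
    48: "unknown_ca", 49: "access_denied", 50: "decode_error", 51: "decrypt_error",
    70: "protocol_version", 71: "insufficient_security", 80: "internal_error",
    90: "user_canceled", 100: "no_renegotiation", 110: "unsupported_extension",
    112: "unrecognized_name",
}


def alert_name(number):
    """Map an 'SSL alert number N' value from an OpenSSL error string to its name."""
    return DESCRIPTIONS.get(number, f"unknown({number})")


def bytes_from_bio_dump(line):
    """Extract the hex column from one mod_ssl BIO dump row ('| 0000: 15 03 ... |')."""
    m = re.search(r"\|\s*[0-9a-fA-F]{4}:\s+((?:[0-9a-fA-F]{2}\s+)+)", line)
    if not m:
        raise ValueError("no hex dump row found")
    return bytes.fromhex(m.group(1))


def decode_alert_record(data):
    """Decode one TLS record that carries an alert; raise ValueError otherwise."""
    if len(data) < 5:
        raise ValueError("truncated record header")
    ctype, version, length = struct.unpack("!BHH", data[:5])
    if ctype != CONTENT_ALERT:
        raise ValueError(f"content type {ctype} is not an alert")
    # Trust the length field, so stray bytes after the record are ignored.
    body = data[5:5 + length]
    if len(body) < length:
        raise ValueError("truncated record body")
    result = {"version": VERSIONS.get(version, hex(version)), "length": length}
    if length != 2:
        # A plaintext alert is exactly two bytes; anything longer was sent
        # after encryption was switched on and cannot be read from the wire.
        result.update(encrypted=True, level=None, description=None)
        return result
    level, desc = body
    result.update(encrypted=False,
                  level=LEVELS.get(level, f"unknown({level})"),
                  description=alert_name(desc))
    return result


# Dump row copied from the question's log.
QUESTION_ROW = ("[Thu Sep 18 09:32:14 2014] [debug] ssl_engine_io.c(1911): "
                "| 0000: 15 03 00 00 02 02 28 ......( |")
# Constructed sample: an alert record whose 26-byte body is ciphertext.
ENCRYPTED_SAMPLE = bytes([0x15, 0x03, 0x03, 0x00, 0x1A]) + bytes(26)

if __name__ == "__main__":
    print(decode_alert_record(bytes_from_bio_dump(QUESTION_ROW)))
    print(decode_alert_record(ENCRYPTED_SAMPLE))
    print(alert_name(42))
```

A fatal `handshake_failure` as the very first reply to the ClientHello means the backend rejected what the proxy offered before sending any ServerHello, which is why the backend's own log is the next place to look.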
When I try to load localhost in any browser, it just keeps on loading for 10 ish minutes, before it times out. I have had this problem before, but then I just changed port 80 to 8080 or something alike, and unticked the option in Skype settings.
This time it didn't cut it for me. I seriously have no clue how to fix this problem. Please let me know if I can provide you with any more information.
Apache error log:
[Fri Nov 22 16:02:38.463474 2013] [ssl:warn] [pid 6212:tid 272] AH01909: RSA certificate configured for www.example.com:443 does NOT include an ID which matches the server name
[Fri Nov 22 16:02:38.910499 2013] [ssl:warn] [pid 6212:tid 272] AH01909: RSA certificate configured for www.example.com:443 does NOT include an ID which matches the server name
[Fri Nov 22 16:02:38.959502 2013] [mpm_winnt:notice] [pid 6212:tid 272] AH00455: Apache/2.4.4 (Win32) OpenSSL/0.9.8y PHP/5.4.19 configured -- resuming normal operations
[Fri Nov 22 16:02:38.959502 2013] [mpm_winnt:notice] [pid 6212:tid 272] AH00456: Server built: Feb 23 2013 13:07:34
[Fri Nov 22 16:02:38.959502 2013] [core:notice] [pid 6212:tid 272] AH00094: Command line: 'C:\\xampp\\apache\\bin\\httpd.exe -d C:/xampp/apache'
[Fri Nov 22 16:02:38.960502 2013] [mpm_winnt:notice] [pid 6212:tid 272] AH00418: Parent: Created child process 3740
Apache server shutdown initiated...
sl:warn] [pid 3740:tid 284] AH01909: RSA certificate configured for www.example.com:443 does NOT include an ID which matches the server name
[Fri Nov 22 16:02:40.097567 2013] [ssl:warn] [pid 3740:tid 284] AH01909: RSA certificate configured for www.example.com:443 does NOT include an ID which matches the server name
[Fri Nov 22 16:02:40.131569 2013] [mpm_winnt:notice] [pid 3740:tid 284] AH00354: Child: Starting 150 worker threads.
[Fri Nov 22 16:02:40.136569 2013] [mpm_winnt:error] [pid 3740:tid 1812] (OS 10038)An operation was attempted on something that is not a socket. : AH00332: winnt_accept: getsockname error on listening socket, is IPv6 available?
[Fri Nov 22 16:02:40.136569 2013] [mpm_winnt:error] [pid 3740:tid 1800] (OS 10038)An operation was attempted on something that is not a socket. : AH00332: winnt_accept: getsockname error on listening socket, is IPv6 available?
[Fri Nov 22 16:02:40.136569 2013] [mpm_winnt:error] [pid 3740:tid 1804] (OS 10038)An operation was attempted on something that is not a socket. : AH00332: winnt_accept: getsockname error on listening socket, is IPv6 available?
[Fri Nov 22 16:02:40.136569 2013] [mpm_winnt:error] [pid 3740:tid 1824] (OS 10038)An operation was attempted on something that is not a socket. : AH00332: winnt_accept: getsockname error on listening socket, is IPv6 available?
[Fri Nov 22 20:01:07.318893 2013] [mpm_winnt:notice] [pid 6212:tid 272] AH00422: Parent: Received shutdown signal -- Shutting down the server.
[Fri Nov 22 20:01:09.320008 2013] [mpm_winnt:notice] [pid 3740:tid 284] AH00364: Child: All worker threads have exited.
[Fri Nov 22 20:01:09.351010 2013] [mpm_winnt:notice] [pid 6212:tid 272] AH00430: Parent: Child process 3740 exited successfully.
[Tue Nov 26 10:01:15.190414 2013] [ssl:warn] [pid 6744:tid 272] AH01909: RSA certificate configured for www.example.com:443 does NOT include an ID which matches the server name
[Tue Nov 26 10:01:15.668441 2013] [ssl:warn] [pid 6744:tid 272] AH01909: RSA certificate configured for www.example.com:443 does NOT include an ID which matches the server name
[Tue Nov 26 10:01:15.746446 2013] [mpm_winnt:notice] [pid 6744:tid 272] AH00455: Apache/2.4.4 (Win32) OpenSSL/0.9.8y PHP/5.4.19 configured -- resuming normal operations
[Tue Nov 26 10:01:15.747446 2013] [mpm_winnt:notice] [pid 6744:tid 272] AH00456: Server built: Feb 23 2013 13:07:34
[Tue Nov 26 10:01:15.747446 2013] [core:notice] [pid 6744:tid 272] AH00094: Command line: 'c:\\xampp\\apache\\bin\\httpd.exe -d C:/xampp/apache'
[Tue Nov 26 10:01:15.748446 2013] [mpm_winnt:notice] [pid 6744:tid 272] AH00418: Parent: Created child process 4900
[Tue Nov 26 10:01:16.362481 2013] [ssl:warn] [pid 4900:tid 284] AH01909: RSA certificate configured for www.example.com:443 does NOT include an ID which matches the server name
[Tue Nov 26 10:01:16.809506 2013] [ssl:warn] [pid 4900:tid 284] AH01909: RSA certificate configured for www.example.com:443 does NOT include an ID which matches the server name
[Tue Nov 26 10:01:16.841508 2013] [mpm_winnt:notice] [pid 4900:tid 284] AH00354: Child: Starting 150 worker threads.
[Tue Nov 26 10:01:16.845508 2013] [mpm_winnt:error] [pid 4900:tid 1808] (OS 10038)An operation was attempted on something that is not a socket. : AH00332: winnt_accept: getsockname error on listening socket, is IPv6 available?
[Tue Nov 26 10:01:16.845508 2013] [mpm_winnt:error] [pid 4900:tid 1832] (OS 10038)An operation was attempted on something that is not a socket. : AH00332: winnt_accept: getsockname error on listening socket, is IPv6 available?
[Tue Nov 26 10:01:16.845508 2013] [mpm_winnt:error] [pid 4900:tid 1820] (OS 10038)An operation was attempted on something that is not a socket. : AH00332: winnt_accept: getsockname error on listening socket, is IPv6 available?
[Tue Nov 26 10:01:16.845508 2013] [mpm_winnt:error] [pid 4900:tid 1800] (OS 10038)An operation was attempted on something that is not a socket. : AH00332: winnt_accept: getsockname error on listening socket, is IPv6 available?
[Tue Nov 26 10:14:57.341438 2013] [ssl:warn] [pid 1104:tid 272] AH01909: RSA certificate configured for www.example.com:443 does NOT include an ID which matches the server name
[Tue Nov 26 10:14:57.363439 2013] [core:warn] [pid 1104:tid 272] AH00098: pid file C:/xampp/apache/logs/httpd.pid overwritten -- Unclean shutdown of previous Apache run?
[Tue Nov 26 10:14:57.754462 2013] [ssl:warn] [pid 1104:tid 272] AH01909: RSA certificate configured for www.example.com:443 does NOT include an ID which matches the server name
[Tue Nov 26 10:14:57.786464 2013] [mpm_winnt:notice] [pid 1104:tid 272] AH00455: Apache/2.4.4 (Win32) OpenSSL/0.9.8y PHP/5.4.19 configured -- resuming normal operations
[Tue Nov 26 10:14:57.786464 2013] [mpm_winnt:notice] [pid 1104:tid 272] AH00456: Server built: Feb 23 2013 13:07:34
[Tue Nov 26 10:14:57.786464 2013] [core:notice] [pid 1104:tid 272] AH00094: Command line: 'apache\\bin\\httpd.exe -d C:/xampp/apache'
[Tue Nov 26 10:14:57.787464 2013] [mpm_winnt:notice] [pid 1104:tid 272] AH00418: Parent: Created child process 4852
Apache server shutdown initiated...
sl:warn] [pid 4852:tid 284] AH01909: RSA certificate configured for www.example.com:443 does NOT include an ID which matches the server name
[Tue Nov 26 10:14:58.872526 2013] [ssl:warn] [pid 4852:tid 284] AH01909: RSA certificate configured for www.example.com:443 does NOT include an ID which matches the server name
[Tue Nov 26 10:14:58.911528 2013] [mpm_winnt:notice] [pid 4852:tid 284] AH00354: Child: Starting 150 worker threads.
[Tue Nov 26 10:14:58.916528 2013] [mpm_winnt:error] [pid 4852:tid 1816] (OS 10038)An operation was attempted on something that is not a socket. : AH00332: winnt_accept: getsockname error on listening socket, is IPv6 available?
[Tue Nov 26 10:14:58.916528 2013] [mpm_winnt:error] [pid 4852:tid 1812] (OS 10038)An operation was attempted on something that is not a socket. : AH00332: winnt_accept: getsockname error on listening socket, is IPv6 available?
[Tue Nov 26 10:14:58.916528 2013] [mpm_winnt:error] [pid 4852:tid 1828] (OS 10038)An operation was attempted on something that is not a socket. : AH00332: winnt_accept: getsockname error on listening socket, is IPv6 available?
[Tue Nov 26 10:14:58.916528 2013] [mpm_winnt:error] [pid 4852:tid 1820] (OS 10038)An operation was attempted on something that is not a socket. : AH00332: winnt_accept: getsockname error on listening socket, is IPv6 available?
[Tue Nov 26 10:15:02.393727 2013] [mpm_winnt:notice] [pid 1104:tid 272] AH00422: Parent: Received shutdown signal -- Shutting down the server.
[Tue Nov 26 10:15:04.394841 2013] [mpm_winnt:notice] [pid 4852:tid 284] AH00364: Child: All worker threads have exited.
[Tue Nov 26 10:15:04.421843 2013] [mpm_winnt:notice] [pid 1104:tid 272] AH00430: Parent: Child process 4852 exited successfully.
[Tue Nov 26 10:26:00.240354 2013] [ssl:warn] [pid 6792:tid 272] AH01909: RSA certificate configured for www.example.com:443 does NOT include an ID which matches the server name
[Tue Nov 26 10:26:00.692380 2013] [ssl:warn] [pid 6792:tid 272] AH01909: RSA certificate configured for www.example.com:443 does NOT include an ID which matches the server name
[Tue Nov 26 10:26:00.724381 2013] [mpm_winnt:notice] [pid 6792:tid 272] AH00455: Apache/2.4.4 (Win32) OpenSSL/0.9.8y PHP/5.4.19 configured -- resuming normal operations
[Tue Nov 26 10:26:00.724381 2013] [mpm_winnt:notice] [pid 6792:tid 272] AH00456: Server built: Feb 23 2013 13:07:34
[Tue Nov 26 10:26:00.724381 2013] [core:notice] [pid 6792:tid 272] AH00094: Command line: 'apache\\bin\\httpd.exe -d C:/xampp/apache'
[Tue Nov 26 10:26:00.725381 2013] [mpm_winnt:notice] [pid 6792:tid 272] AH00418: Parent: Created child process 4900
Apache server shutdown initiated...
sl:warn] [pid 4900:tid 284] AH01909: RSA certificate configured for www.example.com:443 does NOT include an ID which matches the server name
[Tue Nov 26 10:26:01.819444 2013] [ssl:warn] [pid 4900:tid 284] AH01909: RSA certificate configured for www.example.com:443 does NOT include an ID which matches the server name
[Tue Nov 26 10:26:01.850446 2013] [mpm_winnt:notice] [pid 4900:tid 284] AH00354: Child: Starting 150 worker threads.
[Tue Nov 26 10:26:01.854446 2013] [mpm_winnt:error] [pid 4900:tid 1820] (OS 10038)An operation was attempted on something that is not a socket. : AH00332: winnt_accept: getsockname error on listening socket, is IPv6 available?
[Tue Nov 26 10:26:01.854446 2013] [mpm_winnt:error] [pid 4900:tid 1812] (OS 10038)An operation was attempted on something that is not a socket. : AH00332: winnt_accept: getsockname error on listening socket, is IPv6 available?
[Tue Nov 26 10:26:01.854446 2013] [mpm_winnt:error] [pid 4900:tid 1828] (OS 10038)An operation was attempted on something that is not a socket. : AH00332: winnt_accept: getsockname error on listening socket, is IPv6 available?
[Tue Nov 26 10:26:01.854446 2013] [mpm_winnt:error] [pid 4900:tid 1808] (OS 10038)An operation was attempted on something that is not a socket. : AH00332: winnt_accept: getsockname error on listening socket, is IPv6 available?
[Tue Nov 26 10:26:16.033257 2013] [mpm_winnt:notice] [pid 6792:tid 272] AH00422: Parent: Received shutdown signal -- Shutting down the server.
[Tue Nov 26 10:26:18.034371 2013] [mpm_winnt:notice] [pid 4900:tid 284] AH00364: Child: All worker threads have exited.
[Tue Nov 26 10:26:18.060373 2013] [mpm_winnt:notice] [pid 6792:tid 272] AH00430: Parent: Child process 4900 exited successfully.
[Tue Nov 26 10:26:31.067117 2013] [ssl:warn] [pid 5684:tid 272] AH01909: RSA certificate configured for www.example.com:443 does NOT include an ID which matches the server name
[Tue Nov 26 10:26:31.498142 2013] [ssl:warn] [pid 5684:tid 272] AH01909: RSA certificate configured for www.example.com:443 does NOT include an ID which matches the server name
[Tue Nov 26 10:26:31.530143 2013] [mpm_winnt:notice] [pid 5684:tid 272] AH00455: Apache/2.4.4 (Win32) OpenSSL/0.9.8y PHP/5.4.19 configured -- resuming normal operations
[Tue Nov 26 10:26:31.530143 2013] [mpm_winnt:notice] [pid 5684:tid 272] AH00456: Server built: Feb 23 2013 13:07:34
[Tue Nov 26 10:26:31.530143 2013] [core:notice] [pid 5684:tid 272] AH00094: Command line: 'c:\\xampp\\apache\\bin\\httpd.exe -d C:/xampp/apache'
[Tue Nov 26 10:26:31.531143 2013] [mpm_winnt:notice] [pid 5684:tid 272] AH00418: Parent: Created child process 5544
[Tue Nov 26 10:26:32.134178 2013] [ssl:warn] [pid 5544:tid 284] AH01909: RSA certificate configured for www.example.com:443 does NOT include an ID which matches the server name
[Tue Nov 26 10:26:32.597204 2013] [ssl:warn] [pid 5544:tid 284] AH01909: RSA certificate configured for www.example.com:443 does NOT include an ID which matches the server name
[Tue Nov 26 10:26:32.628206 2013] [mpm_winnt:notice] [pid 5544:tid 284] AH00354: Child: Starting 150 worker threads.
[Tue Nov 26 10:26:32.631206 2013] [mpm_winnt:error] [pid 5544:tid 1820] (OS 10038)An operation was attempted on something that is not a socket. : AH00332: winnt_accept: getsockname error on listening socket, is IPv6 available?
[Tue Nov 26 10:26:32.631206 2013] [mpm_winnt:error] [pid 5544:tid 1812] (OS 10038)An operation was attempted on something that is not a socket. : AH00332: winnt_accept: getsockname error on listening socket, is IPv6 available?
[Tue Nov 26 10:26:32.631206 2013] [mpm_winnt:error] [pid 5544:tid 1828] (OS 10038)An operation was attempted on something that is not a socket. : AH00332: winnt_accept: getsockname error on listening socket, is IPv6 available?
[Tue Nov 26 10:26:32.631206 2013] [mpm_winnt:error] [pid 5544:tid 1824] (OS 10038)An operation was attempted on something that is not a socket. : AH00332: winnt_accept: getsockname error on listening socket, is IPv6 available?
Netstat -ao :
Microsoft Windows [Version 6.1.7600]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Users\Teilmann>netstat -ao
Active Connections
Proto Local Address Foreign Address State PID
TCP 0.0.0.0:80 Teilmann-PC:0 LISTENING 2968
TCP 0.0.0.0:135 Teilmann-PC:0 LISTENING 828
TCP 0.0.0.0:443 Teilmann-PC:0 LISTENING 2448
TCP 0.0.0.0:445 Teilmann-PC:0 LISTENING 4
TCP 0.0.0.0:554 Teilmann-PC:0 LISTENING 4588
TCP 0.0.0.0:563 Teilmann-PC:0 LISTENING 2448
TCP 0.0.0.0:2869 Teilmann-PC:0 LISTENING 4
TCP 0.0.0.0:3306 Teilmann-PC:0 LISTENING 3780
TCP 0.0.0.0:4433 Teilmann-PC:0 LISTENING 2968
TCP 0.0.0.0:10243 Teilmann-PC:0 LISTENING 4
TCP 0.0.0.0:17500 Teilmann-PC:0 LISTENING 3428
TCP 0.0.0.0:17729 Teilmann-PC:0 LISTENING 1964
TCP 0.0.0.0:49152 Teilmann-PC:0 LISTENING 492
TCP 0.0.0.0:49153 Teilmann-PC:0 LISTENING 892
TCP 0.0.0.0:49154 Teilmann-PC:0 LISTENING 968
TCP 0.0.0.0:49156 Teilmann-PC:0 LISTENING 556
TCP 0.0.0.0:49157 Teilmann-PC:0 LISTENING 576
TCP 0.0.0.0:57837 Teilmann-PC:0 LISTENING 2448
TCP 25.196.97.39:139 Teilmann-PC:0 LISTENING 4
TCP 127.0.0.1:80 Teilmann-PC:50016 CLOSE_WAIT 2968
TCP 127.0.0.1:80 Teilmann-PC:50017 CLOSE_WAIT 2968
TCP 127.0.0.1:80 Teilmann-PC:50543 CLOSE_WAIT 2968
TCP 127.0.0.1:80 Teilmann-PC:50544 CLOSE_WAIT 2968
TCP 127.0.0.1:80 Teilmann-PC:50546 CLOSE_WAIT 2968
TCP 127.0.0.1:80 Teilmann-PC:50547 CLOSE_WAIT 2968
TCP 127.0.0.1:80 Teilmann-PC:50560 CLOSE_WAIT 2968
TCP 127.0.0.1:80 Teilmann-PC:50561 CLOSE_WAIT 2968
TCP 127.0.0.1:80 Teilmann-PC:50630 ESTABLISHED 2968
TCP 127.0.0.1:80 Teilmann-PC:50631 CLOSE_WAIT 2968
TCP 127.0.0.1:4370 Teilmann-PC:0 LISTENING 3096
TCP 127.0.0.1:4380 Teilmann-PC:0 LISTENING 3096
TCP 127.0.0.1:5354 Teilmann-PC:0 LISTENING 1888
TCP 127.0.0.1:5939 Teilmann-PC:0 LISTENING 2124
TCP 127.0.0.1:11000 Teilmann-PC:0 LISTENING 3552
TCP 127.0.0.1:12000 Teilmann-PC:0 LISTENING 3552
TCP 127.0.0.1:19872 Teilmann-PC:49190 ESTABLISHED 3428
TCP 127.0.0.1:49155 Teilmann-PC:0 LISTENING 1052
TCP 127.0.0.1:49162 Teilmann-PC:0 LISTENING 3552
TCP 127.0.0.1:49167 Teilmann-PC:49168 ESTABLISHED 2448
TCP 127.0.0.1:49168 Teilmann-PC:49167 ESTABLISHED 2448
TCP 127.0.0.1:49169 Teilmann-PC:49170 ESTABLISHED 2448
TCP 127.0.0.1:49170 Teilmann-PC:49169 ESTABLISHED 2448
TCP 127.0.0.1:49171 Teilmann-PC:49172 ESTABLISHED 2448
TCP 127.0.0.1:49172 Teilmann-PC:49171 ESTABLISHED 2448
TCP 127.0.0.1:49173 Teilmann-PC:0 LISTENING 3544
TCP 127.0.0.1:49175 Teilmann-PC:49176 ESTABLISHED 2448
TCP 127.0.0.1:49176 Teilmann-PC:49175 ESTABLISHED 2448
TCP 127.0.0.1:49178 Teilmann-PC:49179 ESTABLISHED 2448
TCP 127.0.0.1:49179 Teilmann-PC:49178 ESTABLISHED 2448
TCP 127.0.0.1:49190 Teilmann-PC:19872 ESTABLISHED 3428
TCP 127.0.0.1:50016 Teilmann-PC:http FIN_WAIT_2 3652
TCP 127.0.0.1:50017 Teilmann-PC:http FIN_WAIT_2 3652
TCP 127.0.0.1:50543 Teilmann-PC:http FIN_WAIT_2 3652
TCP 127.0.0.1:50544 Teilmann-PC:http FIN_WAIT_2 3652
TCP 127.0.0.1:50546 Teilmann-PC:http FIN_WAIT_2 3652
TCP 127.0.0.1:50547 Teilmann-PC:http FIN_WAIT_2 3652
TCP 127.0.0.1:50560 Teilmann-PC:http FIN_WAIT_2 3652
TCP 127.0.0.1:50561 Teilmann-PC:http FIN_WAIT_2 3652
TCP 127.0.0.1:50630 Teilmann-PC:http ESTABLISHED 3652
TCP 127.0.0.1:50631 Teilmann-PC:http FIN_WAIT_2 3652
TCP 127.0.0.1:60524 Teilmann-PC:0 LISTENING 2448
TCP 192.168.2.2:139 Teilmann-PC:0 LISTENING 4
TCP 192.168.2.2:49164 80-239-178-216:http CLOSE_WAIT 3552
TCP 192.168.2.2:49186 80-239-247-208:http CLOSE_WAIT 4004
TCP 192.168.2.2:49197 snt-re2-7b:http ESTABLISHED 3428
TCP 192.168.2.2:49253 fa-in-f94:https ESTABLISHED 3652
TCP 192.168.2.2:49262 62.116.207.42:https ESTABLISHED 3652
TCP 192.168.2.2:49265 62.116.207.48:https ESTABLISHED 3652
TCP 192.168.2.2:49451 5.56.153.177:http ESTABLISHED 3652
TCP 192.168.2.2:49955 a23-53-32-60:https CLOSE_WAIT 6812
TCP 192.168.2.2:49956 80-239-178-203:http CLOSE_WAIT 6812
TCP 192.168.2.2:50442 fa-in-f94:http ESTABLISHED 3652
TCP 192.168.2.2:50443 fa-in-f105:http ESTABLISHED 3652
TCP 192.168.2.2:50624 80-239-178-154:https ESTABLISHED 3652
TCP 192.168.2.2:50625 80-239-178-154:https ESTABLISHED 3652
TCP 192.168.2.2:50626 80-239-178-154:https ESTABLISHED 3652
TCP 192.168.2.2:50627 80-239-178-154:https ESTABLISHED 3652
TCP 192.168.2.2:50628 80-239-178-154:https ESTABLISHED 3652
TCP 192.168.2.2:50629 80-239-178-154:https ESTABLISHED 3652
TCP 192.168.2.2:50648 80-239-247-145:http ESTABLISHED 3652
TCP 192.168.2.2:50680 80-239-247-184:http ESTABLISHED 3652
TCP 192.168.2.2:50734 arn06s02-in-f21:https ESTABLISHED 3652
TCP 192.168.2.2:50741 arn06s02-in-f11:https ESTABLISHED 3652
TCP 192.168.2.2:50742 fa-in-f105:https ESTABLISHED 3652
TCP 192.168.2.2:50743 arn06s02-in-f15:https ESTABLISHED 3652
TCP 192.168.2.2:50746 arn02s06-in-f15:https ESTABLISHED 3652
TCP 192.168.2.2:50747 arn02s05-in-f29:https ESTABLISHED 3652
TCP 192.168.2.2:50755 scl03s05-in-f15:https ESTABLISHED 3652
TCP 192.168.2.2:50759 arn02s06-in-f11:https ESTABLISHED 3652
TCP 192.168.2.2:50883 ec2-54-228-198-107:https ESTABLISHED 3652
TCP 192.168.2.2:50889 stackoverflow:http ESTABLISHED 3652
TCP 192.168.2.2:50890 ec2-54-243-128-120:http ESTABLISHED 3652
TCP 192.168.2.2:50891 62.116.207.53:https ESTABLISHED 3652
TCP 192.168.2.2:50892 stackoverflow:https ESTABLISHED 3652
TCP 192.168.2.2:50893 62.116.207.59:http ESTABLISHED 3652
TCP [::]:80 Teilmann-PC:0 LISTENING 2968
TCP [::]:135 Teilmann-PC:0 LISTENING 828
TCP [::]:445 Teilmann-PC:0 LISTENING 4
TCP [::]:554 Teilmann-PC:0 LISTENING 4588
TCP [::]:2869 Teilmann-PC:0 LISTENING 4
TCP [::]:4433 Teilmann-PC:0 LISTENING 2968
TCP [::]:10243 Teilmann-PC:0 LISTENING 4
TCP [::]:49152 Teilmann-PC:0 LISTENING 492
TCP [::]:49153 Teilmann-PC:0 LISTENING 892
TCP [::]:49154 Teilmann-PC:0 LISTENING 968
TCP [::]:49156 Teilmann-PC:0 LISTENING 556
TCP [::]:49157 Teilmann-PC:0 LISTENING 576
UDP 0.0.0.0:5004 *:* 4588
UDP 0.0.0.0:5005 *:* 4588
UDP 0.0.0.0:5355 *:* 1136
UDP 0.0.0.0:17500 *:* 3428
UDP 0.0.0.0:55816 *:* 1888
UDP 0.0.0.0:57837 *:* 2448
UDP 25.196.97.39:137 *:* 4
UDP 25.196.97.39:138 *:* 4
UDP 25.196.97.39:1900 *:* 3452
UDP 25.196.97.39:5353 *:* 1888
UDP 25.196.97.39:57664 *:* 3452
UDP 127.0.0.1:1900 *:* 3452
UDP 127.0.0.1:44301 *:* 1124
UDP 127.0.0.1:54382 *:* 3228
UDP 127.0.0.1:57659 *:* 1756
UDP 127.0.0.1:57665 *:* 3452
UDP 127.0.0.1:61696 *:* 3544
UDP 192.168.2.2:137 *:* 4
UDP 192.168.2.2:138 *:* 4
UDP 192.168.2.2:1900 *:* 3452
UDP 192.168.2.2:5353 *:* 1888
UDP 192.168.2.2:57663 *:* 3452
UDP [::]:5004 *:* 4588
UDP [::]:5005 *:* 4588
UDP [::]:5355 *:* 1136
UDP [::]:55817 *:* 1888
UDP [::1]:1900 *:* 3452
UDP [::1]:5353 *:* 1888
UDP [::1]:57662 *:* 3452
UDP [fe80::3c18:a750:2ed3:bee%12]:1900 *:* 3452
UDP [fe80::3c18:a750:2ed3:bee%12]:57661 *:* 3452
UDP [fe80::7833:3faa:25a4:180%11]:1900 *:* 3452
UDP [fe80::7833:3faa:25a4:180%11]:57660 *:* 3452
Check What’s Using Port 80?
Further detective work is necessary if IIS, SSRS and Skype are not to blame. Enter the following on the command line:
netstat -ao
The active TCP addresses and ports will be listed — locate the line with local address “0.0.0.0:80” and note the PID value.
Now right-click the task bar and select Start Task Manager. Navigate to the Processes tab and, if necessary, click View > Select Columns… to ensure “PID (Process Identifier)” is checked. You can now locate the PID you noted above. The description and properties should help you determine which application is using the port.
The Task Manager allows you to kill the process, but be a little wary about doing that — especially if it’s “NT Kernel & System”.
Microsoft-HTTPAPI/2.0
NT Kernel & System is an essential service. Stopping it will probably stop Windows in a blue-screeny-like way. Therefore, enter the following at the command line:
telnet 127.0.0.1 80
If you’re faced with a blank screen, type “GET” and hit return. The chances are, you’ll see a line stating that Microsoft-HTTPAPI/2.0 is listening on port 80. If that’s the case, open Services from Administrative Tools and locate “Web Deployment Agent Service”. Stop the service and set its startup type to “Manual”.
The Web Deployment Agent Service is deployed with WebMatrix and was the cause of my woes. It may also be distributed with other applications installed using Microsoft’s Web Platform Installer.
That caused me a few frustrating hours so I hope it solves your Apache or WAMP start-up problems.
Skype
There is one more, maybe stupid but still a reason – Skype.
There is a checkbox in
Options->Advanced->Connection->“use port 80 and 443 as alternatives for incoming connections”