On 29 June 2017 at 10:10, Phil Crooker <user-e8e31cd73303@xymon.invalid> wrote:
Well, I'm sure you'll learn quite a bit about certificates before you are
done ;-)
I think this has nothing to do with certificates.
This can be difficult to troubleshoot as it is all encrypted (or won't
work at all because it is so broken that it can't be encrypted)! There are
the errors: write:error=104, no peer cert and no cert CA names. You will
just need to work out what is happening.
And to me, most telling:
SSL handshake has read 0 bytes and written 247 bytes
So, "read 0 bytes". That means the web server didn't send a single packet
during the SSL handshake, which is (I believe) the very first thing that
happens. The webserver (probably) accepted a connection, but then sent
nothing.
As Jeremy said, look at the server logs (esp the startup part).
Actually, John said this first. I just reiterated.
Zoltan: please look at your webserver logs for errors and let us know what
you see. If Apache, will probably be a file called error_log or
ssl_error_log or something like that. Perhaps you can run a "tail -f" on
the logfile, and at the same, run the openssl command again.
J