Xymon Mailing List Archive search

Non random SSL problem

list Paul Bury
Tue, 17 May 2005 11:44:19 +1000
Message-Id: <20050517115278.SM02180@YogSothoth>

Thanks for you quick response. Your suggestion fixed the problem with
running configure but I still get the same error message for the https site
the http url listed works fine and the response time for the https url is
being graphed.

Error shown in hobbit:
HTTP/1.1 400 Bad Request
Date: Tue, 17 May 2005 00:11:30 GMT
Server: Apache/1.3.27 (Unix) mod_ssl/2.8.14 OpenSSL/0.9.7b
Connection: close
Content-Type: text/html; charset=iso-8859-1

Seconds:     0.03

Config line from the bb-hosts file:
10.30.11.103 speedy # ftp http://the.website.url
https://the.secure.website.url

Extract from the log file on the https server:
[17/May/2005 09:46:23 20114] [error] SSL handshake failed: HTTP spoken on
HTTPS port; trying to send HTML error page (OpenSSL library error follows)
[17/May/2005 09:46:23 20114] [error] OpenSSL: error:1407609C:SSL
routines:SSL23_GET_CLIENT_HELLO:http request [Hint: speaking HTTP to HTTPS
port!?]

Any suggestions ?

Regards

Paul

-----Original Message-----
From: Henrik Stoerner [mailto:user-ce4a2c883f75@xymon.invalid] 
Sent: Monday, 16 May 2005 7:37 PM
To: user-ae9b8668bcde@xymon.invalid
Subject: Re: [hobbit] Non random SSL problem

On Mon, May 16, 2005 at 05:32:24PM +1000, Paul Bury wrote:

I am new to the list and relatively new to hobbit and I am having some 
troubles getting it working on a Solaris 9 box. I have the patch to 
fix the /dev/random issue. I have installed openssl-0.9.7g.

When I build hobbit without ssl support it works fine. When I try and 
run ./configure and select yes for ssl support I get the following 
error message. It then prompts me to see if I still want to install 
with ssl support. If I answer yes to this it seems to work but any 
https: url's in the config file fail.

The error received during configure is:

Found OpenSSL include files in /usr/local/ssl/include
Undefined                       first referenced
 symbol                             in file
socket           /usr/local/ssl/lib/libcrypto.a(rand_egd.o)
connect          /usr/local/ssl/lib/libcrypto.a(rand_egd.o)
I think that's a bug in the configuration-script, and I am surprised it
hasn't been reported before. Could you try changing the
hobbit-4.0.3rc2/build/Makefile.test-ssl file - the line that reads

    @$(CC) $(CFLAGS) $(OSSLLIB) -o test-ssl test-ssl.o -lssl -lcrypto

should be

    @$(CC) $(CFLAGS) $(OSSLLIB) -o test-ssl test-ssl.o -lssl -lcrypto
$(NETLIBS)


(i.e. just add "$(NETLIBS)" to the line. That should make the
SSL-configuration work, and then your https URL's should also be tested
correctly.


Regards,
Henrik