[lug] Occasional Apache SSL Error

Bear Giles bgiles at coyotesong.com
Mon Apr 25 09:28:58 MDT 2011

On Sun, Apr 24, 2011 at 11:04 PM, David L. Anselmi <anselmi at anselmi.us>wrote:

> Ben Luey wrote:

> > The default SSL logging (/var/log/apache2/ssl_access.log and
> /var/log/apache2/error.log with log
>  > level warn doesn't show anything for the 'bad' traffic. No record of the
> GET request or
> > anything.
> I'd expect the server to be oblivious to the client complaining about a bad
> sig.  Although the
> client calling it a "peer" seems suspicious (unless that's SSL protocol
> terminology).  But the
> server ought to notice a protocol error.

That's SSL terminology since it's just a network connection.

Related: we're used to seeing server-side authentication but it's also
perfectly reasonable to require client-side authentication or mutual
authentication. Some things make more sense when you keep that in mind.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20110425/e2ff45b4/attachment.html>

More information about the LUG mailing list