From owner-freebsd-questions@FreeBSD.ORG Tue Aug 1 03:17:03 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A6B5816A4DD for ; Tue, 1 Aug 2006 03:17:03 +0000 (UTC) (envelope-from iain@iaindooley.com) Received: from nitrous.powerband.net.au (nitrous.powerband.net.au [125.62.95.252]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9BC4A43D53 for ; Tue, 1 Aug 2006 03:17:01 +0000 (GMT) (envelope-from iain@iaindooley.com) Received: from localhost (localhost [127.0.0.1]) by nitrous.powerband.net.au with ESMTP id k713Hj6L017058 for ; Tue, 1 Aug 2006 13:17:45 +1000 (EST) (envelope-from iain@iaindooley.com) Received: from nitrous.powerband.net.au ([127.0.0.1]) by localhost (nitrous.powerband.net.au [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 15186-09 for ; Tue, 1 Aug 2006 13:17:43 +1000 (EST) Received: from LOGGED by nitrous.powerband.net.au with ESMTP id k71382v5016534 for ; Tue, 1 Aug 2006 13:08:03 +1000 (EST) (envelope-from iain@iaindooley.com) Received: from piper.iaindooley.com (localhost [127.0.0.1]) by piper.iaindooley.com (8.13.3/8.13.3) with ESMTP id k713B2CY085285 for ; Tue, 1 Aug 2006 13:11:02 +1000 (EST) (envelope-from iain@piper.iaindooley.com) Received: from localhost (iain@localhost) by piper.iaindooley.com (8.13.3/8.13.3/Submit) with ESMTP id k713B2OB085282 for ; Tue, 1 Aug 2006 13:11:02 +1000 (EST) (envelope-from iain@piper.iaindooley.com) Date: Tue, 1 Aug 2006 13:11:02 +1000 (EST) From: Iain Dooley To: freebsd-questions@freebsd.org Message-ID: <20060801130538.A68813@piper.iaindooley.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Virus-Scanned: by amavisd-new using ClamAV at powerband.net.au Subject: openssl and apache X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Aug 2006 03:17:03 -0000 hi there, uname -a: FreeBSD cirrus.dfi.net.au 6.0-RELEASE FreeBSD 6.0-RELEASE #0: Sun Jul 9 12:08:32 EST 2006 amac@cirrus.dfi.net.au:/usr/src/sys/i386/compile/NEWKERNEL i3861~ i recently got ssl running with apache. i'm not quite sure how it happened, but at some point after this i could not longer ssh into the box. i went into the data centre and found that when i tried to ssh out of the machine, the error: OpenSSL Version Mismatch appeared on the screen. It was quite important to get this working, and some googling turned up the possibility that this was because there were two versions of openssl installed on the machine. i did: cd /usr/ports/security/openssl make deinstall and i could then ssh in and out of the box. however, now when i request a page using https from this machine the error: [Tue Aug 01 13:55:22 2006] [error] [client 125.62.65.184] Invalid method in request \x80g\x01\x03 shows up in my apache logs. if i try: openssl s_client -connect my.host:443 i get: 85161:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/s23_clnt.c:478: i can telnet into the host on port 443 successfully. obviously i need to upgrade openssl somehow, but i'm afraid if i try and do it using the ports then i'll break ssh login on the machine again. does anyone have any clues? cheers iain dooley