I am occasionally seeing the following error report from bbtest:
IO error in SSL_connect to https (47873/tcp) on host x.y.z.a: error:00000000:lib(0):func(0):reason(0)
Does anybody know what this signifies?
(my apologies for the duplicate post)
Thanks, Larry Barber
I used to see this error w/ squid when using self-generated or chained certs. I always figured it was something to do with the client not accepting the cert or having an error checking the chain of trust.
On 11/20/06, Larry Barber <lebarber at gmail.com> wrote:
I am occasionally seeing the following error report from bbtest:
IO error in SSL_connect to https (47873/tcp) on host x.y.z.a: error:00000000:lib(0):func(0):reason(0)
Does anybody know what this signifies?
(my apologies for the duplicate post)
Thanks, Larry Barber
That doesn't seem to apply here, the cert is from Verisign and I don't believe that it is chained. These are just intermittent failures that last from 1 round of testing to several minutes, then go away. The websites associated with the test also have problems when this error is reported, I don't think this is a Hobbit problem, I'm just trying to help with the trouble-shooting.
Thanks, Larry Barber
On 11/20/06, Dan Vande More <bigdan at gmail.com> wrote:
I used to see this error w/ squid when using self-generated or chained certs. I always figured it was something to do with the client not accepting the cert or having an error checking the chain of trust.
On 11/20/06, Larry Barber <lebarber at gmail.com> wrote:
I am occasionally seeing the following error report from bbtest:
IO error in SSL_connect to https (47873/tcp) on host x.y.z.a: error:00000000:lib(0):func(0):reason(0)
Does anybody know what this signifies?
(my apologies for the duplicate post)
Thanks, Larry Barber
On Mon, Nov 20, 2006 at 04:13:16PM -0600, Larry Barber wrote:
That doesn't seem to apply here, the cert is from Verisign and I don't believe that it is chained. These are just intermittent failures that last from 1 round of testing to several minutes, then go away. The websites associated with the test also have problems when this error is reported, I don't think this is a Hobbit problem, I'm just trying to help with the trouble-shooting.
I've also seen this occasionally with https tests. The frustrating thing is that OpenSSL reports an error, but doesn't provide any information whatsoever about what the error is (that's the "error:0...." message). But since it happens when calling SSL_connect, I suppose there is some sort of problem with the SSL handshake (this error happens *after* Hobbit managed to connect at the network - TCP/IP - layer, so the connection to the webserver has been established). It could be a lack of entropy (randomness) on the Hobbit server so it cannot generate a session key, but that is just a wild guess - and it doesnt really sound like something that would happen.
Regards, Henrik
I don't think it has anything to do with Hobbit or the Hobbit server, as the website goes down when we see this error as well.
Thanks, Larry Barber
On 11/20/06, Henrik Stoerner <henrik at hswn.dk> wrote:
On Mon, Nov 20, 2006 at 04:13:16PM -0600, Larry Barber wrote:
That doesn't seem to apply here, the cert is from Verisign and I don't believe that it is chained. These are just intermittent failures that last from 1 round of testing to several minutes, then go away. The websites associated with the test also have problems when this error is reported, I don't think this is a Hobbit problem, I'm just trying to help with the trouble-shooting.
I've also seen this occasionally with https tests. The frustrating thing is that OpenSSL reports an error, but doesn't provide any information whatsoever about what the error is (that's the "error:0...." message). But since it happens when calling SSL_connect, I suppose there is some sort of problem with the SSL handshake (this error happens *after* Hobbit managed to connect at the network - TCP/IP - layer, so the connection to the webserver has been established). It could be a lack of entropy (randomness) on the Hobbit server so it cannot generate a session key, but that is just a wild guess - and it doesnt really sound like something that would happen.
Regards, Henrik
To unsubscribe from the hobbit list, send an e-mail to hobbit-unsubscribe at hswn.dk
Is it possible that this error might be caused by a lack of entropy on the webserver being tested?
Thanks, Larry Barber
On 11/20/06, Larry Barber <lebarber at gmail.com> wrote:
I don't think it has anything to do with Hobbit or the Hobbit server, as the website goes down when we see this error as well.
Thanks, Larry Barber
On 11/20/06, Henrik Stoerner <henrik at hswn.dk> wrote:
On Mon, Nov 20, 2006 at 04:13:16PM -0600, Larry Barber wrote:
That doesn't seem to apply here, the cert is from Verisign and I don't believe that it is chained. These are just intermittent failures that last from 1 round of testing to several minutes, then go away. The websites associated with the test also have problems when this error is reported, I don't think this is a Hobbit problem, I'm just trying to help with the
trouble-shooting.
I've also seen this occasionally with https tests. The frustrating thing is that OpenSSL reports an error, but doesn't provide any information whatsoever about what the error is (that's the "error:0...." message). But since it happens when calling SSL_connect, I suppose there is some sort of problem with the SSL handshake (this error happens *after* Hobbit managed to connect at the network - TCP/IP - layer, so the connection to the webserver has been established). It could be a lack of
entropy (randomness) on the Hobbit server so it cannot generate a session key, but that is just a wild guess - and it doesnt really sound like something that would happen.
Regards, Henrik
To unsubscribe from the hobbit list, send an e-mail to hobbit-unsubscribe at hswn.dk
participants (3)
-
bigdan@gmail.com
-
henrik@hswn.dk
-
lebarber@gmail.com