Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Detecting the ssl version used in the server
Top Forums UNIX for Advanced & Expert Users Detecting the ssl version used in the server Post 303030905 by anaigini45 on Tuesday 19th of February 2019 03:52:24 AM
Old 02-19-2019
Detecting the ssl version used in the server
Recently we were faced with a critical problem whereby our company website (E-Commerce platform) was not accessible. It threw a 301/302 error. This platform is used for subscribers to purchase reloads, subscribe to new plans and so forth.

When we ran a curl command to troubleshoot further, this was the error we found :

Code:
[oracle@ecwebapp01 ~]$ curl https://connect.telenordigital.com/oath
curl: (35) SSL connect error

We compared the output with another staging platform, which did not have this connectivity problem. Thus we compared the configurations in the test server with the production server, and found that the openssl for both the production and staging were same :

Production :

Code:
[root@ecwebapp01 digi_aigini]# openssl version
OpenSSL 1.0.1e-fips 11 Feb 2013
[root@ecwebapp01 digi_aigini]#

Staging :

Code:
[root@ecappstg01 digi_aigini]# openssl version
OpenSSL 1.0.1e-fips 11 Feb 2013
[root@ecappstg01 digi_aigini]#


The management confirmed that the certificates in the production had not expired. And to prove this, we copied the certificates from the production to the staging, and the staging server was still able to access the site.

We finally checked the Load Balancer (All the E-Comm servers are connected to the LB), and we found that the communication between the production server and the website used ssl v2, whereas the staging used TLSv1.2.

And because of this, the head of department guessed that the team that was responsible with managing the website we were trying to access had blocked the ability to use the old ssl version. We called the team to confirm, and true enough this was the reason of the problem.

However, I am still unclear of why the ssl version for both the servers vary. According to my team lead, only the Load Balancer is configured to use the SSL.

Not the servers. So my question is how did the LB get the information of the different SSL versions for both the servers?
 

10 More Discussions You Might Find Interesting

1. Solaris

Sun ONE Web Server 6.1 - enable SSL?

I've upgraded Iplannet 4.1 to Sun ONE Web Server 6.1. However. Now i can't seem to connect on port 4443 which was originally being used in 4.1 to deal with transactions....when i try to run a query on this port (4443) i get the following error: Access to the server was denied I suspect i... (1 Reply)
Discussion started by: AJD
1 Replies

2. UNIX for Dummies Questions & Answers

to enable POP3(ssl) and SMTP(ssl) in Squid

i have configured Squid proxy server in Fedora 8 with two network interfaces. HTTP, HTTPS, FTP are working fine but we are unable to download mails using mail clients from mail server with POP3(ssl) and SMTP(ssl). so please someone help us how to enable pop and smtp in Squid. (1 Reply)
Discussion started by: praneel2k
1 Replies

3. Solaris

network driver not detecting in solaris 10 X86 on HPDL380G5 Server

I have installed solaris10 x86 on HP DL380 G5 Server, but network card is not getting detected. i have installed the network driver, downloaded from the following link HP ProLiant DL380 G5 Server series- Download drivers and software - HP Business Support Center Can any one suggest me how to... (1 Reply)
Discussion started by: raj.chinnu
1 Replies

4. Web Development

Apache, cgi script run twice when ssl, once when not ssl

I have interesting problem. https:/host/some/x.cgi - this script has run twice when I call this url But http:/host/some/x.cgi work fine, only once. Output is text/plain. If I change output format to the Content-type text/html, then both urls works fine - executed only once. (2 Replies)
Discussion started by: kshji
2 Replies

5. Web Development

Apache - ModSSL (SSL Version?)

Does anyone know where Apache's use of SSL_VERSION_LIBRARY is defined and pulled from, in regard to headers? So far, I've tracked it down to mod_ssl. Which is fine, however, when I recompile mod_ssl with a new version of OpenSSL, and install the module, the request headers still report the old... (0 Replies)
Discussion started by: sun2ecliptic
0 Replies

6. Shell Programming and Scripting

How to connect to FTP server which requires SSL authentication?

Hello, I tried searching through lot of threads for a solution but couldn't fetch the exact solution, so I am creating a new thread. I am trying to connect to a FTP server 1) using a simple FTP command, it gives the error : 534 Policy requires SSL. Login failed. 2) using SFTP... (19 Replies)
Discussion started by: amitshete
19 Replies

7. UNIX for Dummies Questions & Answers

Installing SSL certificates on Ubuntu Server 12.04

Hi everyone, I am working on a Nginx + Apache installation for learning purposes, and just got to the point of installing a self-signed certificate for securing some pages that will be used to send "sensitive" information such as login credentials. So far so good. What a I want to know is how can... (2 Replies)
Discussion started by: gacanepa
2 Replies

8. Red Hat

Red Hat application server ssl keystore problem

A client is accessing our JBoss server. In the past, we set up a keystore and everything worked fine. That certificat expired and we've installed the new one. Now the client is getting the following error - HTTP/1.1 500 Internal Server Error Date: Mon, 14 Apr 2014 13:25:44 GMT Server:... (1 Reply)
Discussion started by: kkinney
1 Replies

9. Linux

Apache wildcard ssl on subdomain serves same page for non ssl virtualhosts

Issue observed: I have configured ng.my-site.com using widlcard ssl cert. When I hit https://www.my-site.com it loads ng.my-site.com website! please advise if I missed any concept / configs... Thank you! httpd.conf <VirtualHost *:80> ServerName www.my-site.com ServerAdmin... (0 Replies)
Discussion started by: ashokvpp
0 Replies

10. Programming

NodeMCU ESP8266 Blynk SSL Application for Linux Server Load Averages

Here is a useful SSL (HTTPS) application for anyone with a remote Linux server they want to keep an eye on using Blynk and the NodeMCU ESP8266. This little app also works (have tested as well) on the WeMos D1 ESP8266 Arduino board. The NodeMCU setup could not be easier, just find a... (8 Replies)
Discussion started by: Neo
8 Replies

LEARN ABOUT PHP

yaf_config_ini

YAF_CONFIG_INI(3)							 1							 YAF_CONFIG_INI(3)

The Yaf_Config_Ini class

INTRODUCTION

	Yaf_Config_Ini	enables  developers  to store configuration data in a familiar INI format and read them in the application by using nested
       object property syntax. The INI format is specialized to provide both the ability to have a hierarchy of configuration data keys and inher-
       itance  between	configuration  data  sections.	Configuration data hierarchies are supported by separating the keys with the dot or period
       character ("."). A section may extend or inherit from another section by following the section name with a colon character  (":")  and  the
       name of the section from which data are to be inherited.

       Note

	       Yaf_Config_Ini  utilizes  the >> parse_ini_file() PHP function. Please review this documentation to be aware of its specific behav-
	      iors, which propagate to Yaf_Config_Ini, such as how the special values of " TRUE", " FALSE", "yes", "no", and " NULL" are handled.

CLASS SYNOPSIS

       Yaf_Config_Ini

       Yaf_Config_Iniextends
       Yaf_Config_AbstractIteratorArrayAccessCountable

       Properties

       Methods

       o public Yaf_Config_Ini::__construct (string  $config_file, [string  $section])

       o public void Yaf_Config_Ini::count (void  )

       o public void Yaf_Config_Ini::current (void  )

       o public void Yaf_Config_Ini::__get ([string  $name])

       o public void Yaf_Config_Ini::__isset (string  $name)

       o public void Yaf_Config_Ini::key (void	)

       o public void Yaf_Config_Ini::next (void  )

       o public void Yaf_Config_Ini::offsetExists (string  $name)

       o public void Yaf_Config_Ini::offsetGet (string	$name)

       o public void Yaf_Config_Ini::offsetSet (string	$name, string  $value)

       o public void Yaf_Config_Ini::offsetUnset (string  $name)

       o public void Yaf_Config_Ini::readonly (void  )

       o public void Yaf_Config_Ini::rewind (void  )

       o public void Yaf_Config_Ini::__set (string  $name, mixed  $value)

       o public array Yaf_Config_Ini::toArray (void  )

       o public void Yaf_Config_Ini::valid (void  )

       Inherited methods

       o abstractpublic mixed Yaf_Config_Abstract::get (string	$name, mixed  $value)

       o abstractpublic bool Yaf_Config_Abstract::readonly (void  )

       o abstractpublic Yaf_Config_Abstract Yaf_Config_Abstract::set (void  )

       o abstractpublic array Yaf_Config_Abstract::toArray (void  )

PROPERTIES

	      o $_config
		-

	      o $_readonly
		-

EXAMPLES

       Example #1

	      Yaf_Config_Ini(3)example

	       This example illustrates a basic use of Yaf_Config_Ini for loading configuration data from an INI file. In this example	there  are
	      configuration  data  for	both  a production system and for a staging system. Because the staging system configuration data are very
	      similar to those for production, the staging section inherits from the production section. In this case, the decision  is  arbitrary
	      and  could have been written conversely, with the production section inheriting from the staging section, though this may not be the
	      case for more complex situations. Suppose, then, that the following configuration data are contained in /path/to/config.ini:

	      ; Production site configuration data
	      [production]
	      webhost		       = www.example.com
	      database.adapter	       = pdo_mysql
	      database.params.host     = db.example.com
	      database.params.username = dbuser
	      database.params.password = secret
	      database.params.dbname   = dbname

	      ; Staging site configuration data inherits from production and
	      ; overrides values as necessary
	      [staging : production]
	      database.params.host     = dev.example.com
	      database.params.username = devuser
	      database.params.password = devsecret

	      <?php
	      $config = new Yaf_Config_Ini('/path/to/config.ini', 'staging');

	      var_dump($config->database->params->host);
	      var_dump($config->database->params->dbname);
	      var_dump($config->get("database.params.username"));
	      ?>

	      The above example will output something similar to:

	      string(15) "dev.example.com"
	      string(6) "dbname"
	      string(7) "devuser

PHP Documentation Group 													 YAF_CONFIG_INI(3)
All times are GMT -4. The time now is 01:41 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy