Apache Error + SSL 336027900

Question

Apache Error + SSL 336027900

I looked through the logs for the servers of my companies today, and I found that error 336027900 seemed to be logged every 5 minutes. This shows the log:

[Wed Mar 25 15:10:19 2009] [info] [client 127.0.0.1] Connection to child 3 established (server localhost:443) [Wed Mar 25 15:10:19 2009] [info] Seeding PRNG with 656 bytes of entropy [Wed Mar 25 15:10:19 2009] [info] [client 127.0.0.1] SSL library error 1 in handshake (server localhost:443) [Wed Mar 25 15:10:19 2009] [info] SSL Library Error: 336027900 error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol speaking not SSL to HTTPS port!? [Wed Mar 25 15:10:19 2009] [info] [client 127.0.0.1] Connection closed to child 3 with abortive shutdown (server localhost:443) [Wed Mar 25 15:10:20 2009] [info] [client 127.0.0.1] Connection to child 12 established (server localhost:443) [Wed Mar 25 15:10:20 2009] [info] Seeding PRNG with 656 bytes of entropy [Wed Mar 25 15:10:20 2009] [info] [client 127.0.0.1] SSL library error 1 in handshake (server localhost:443) [Wed Mar 25 15:10:20 2009] [info] SSL Library Error: 336027900 error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol speaking not SSL to HTTPS port!? [Wed Mar 25 15:10:20 2009] [info] [client 127.0.0.1] Connection closed to child 12 with abortive shutdown (server localhost:443)

Our hosts are all behind a single proxy that is correctly configured to handle SSL requests. I have confirmed that all of our vhost files have the appropriate port settings. I searched Google for this error message and did not find anything useful. Any help would be greatly appreciated.

Thanks,

James armes

+4

linux ssl apache

James armes Mar 25 '09 at 19:47

source share

6 answers

By the way, if you are doing a reverse proxy, you should take a look at allowing the reverse proxy to use SSL instead of Apache. Clients access the reverse proxy using SSL on 443, and the reverse proxy decrypts all this and redirects it to your Apache server, which knows nothing about SSL.

Both squid and nginx support it. This way you don't have to bother with SSL working on apache.

+1

Cory R. king Mar 29 '09 at 2:06

source share

it looks like an “internal dummy link”
here is some more info about it:
http://wiki.apache.org/httpd/InternalDummyConnection

+1

Chetpot Nov 02 '10 at 21:05

source share

I think Jeff is right ...

Some software connects to your servers without using ssl, perhaps the proxy sends some packets or some control messages, or you have some monitoring software that connects every 5 minutes but does not take SSL into account.

0

Andor Mar 26 '09 at 10:34

source share

I saw this error when trying to establish a connection with a browser in which only SSLv2 protocol is enabled.

0

Conrad Apr 9 '09 at 21:56

source share

Every five minutes, a thing sounds like Pingability.com (or the like) amazes you.

0

Guy stevens Jan 29 '10 at 8:54

source share

Jeff · Accepted Answer · 2009-03-25T19:52:39+0000

Do you have a monitoring application that connects to the server with an interval of 5 minutes?

This mistake looks familiar; I believe this happens when the client connects, but tries to speak HTTP, not HTTPS.

Apache Error + SSL 336027900

More articles: