Hello,
Please advise on next steps.
We are actually still having issues with the cipher stuff. Per the earlier email the expected cipher supported by the system under test is: SSLv3, cipher SSL_RSA_WITH_RC4_128_MD5.
From the client I am able to connect to the system under test successfully using openssl and the specific cipher and ssl version:
[root@g1llloadgen002 logs]# openssl s_client -cipher 'RC4-MD5' -ssl3 -connect webserver:443
CONNECTED(00000003)
depth=0 /C=XX/L=Default City/O=Default Company Ltd
verify error:num=18:self signed certificate
verify return:1
depth=0 /C=XX/L=Default City/O=Default Company Ltd
verify return:1
---
Certificate chain
0 s:/C=XX/L=Default City/O=Default Company Ltd
i:/C=XX/L=Default City/O=Default Company Ltd
---
Server certificate
-----BEGIN CERTIFICATE-----
MIICUjCCAbugAwIBAgIJAMkb2SaLrBaSMA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNV
BAYTAlhYMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxHDAaBgNVBAoME0RlZmF1bHQg
Q29tcGFueSBMdGQwHhcNMTUwNTA1MjM1NzQxWhcNMTUwNjA0MjM1NzQxWjBCMQsw
CQYDVQQGEwJYWDEVMBMGA1UEBwwMRGVmYXVsdCBDaXR5MRwwGgYDVQQKDBNEZWZh
dWx0IENvbXBhbnkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDc2IEI
AYoHHhPB/MD93DeDcLC7OuPxXR73WrcIiyRt7NSe6R+cWiiGxuex4XJzSDsWEvQv
RsspkG02eZ/NJ0pmHxDBd8rq8DkuA7krjxJHY/qDt0zfoKXf54bzbVgxD6xhf+CB
ETjCSrqLPSFyqf4nJ5XBNNPGJuwI9jtBMe8GoQIDAQABo1AwTjAdBgNVHQ4EFgQU
CGOdUUYcl5h5LzVE3CMbOL808zIwHwYDVR0jBBgwFoAUCGOdUUYcl5h5LzVE3CMb
OL808zIwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOBgQB72EfZlKbDVe0I
jubFCIWa9/mdTPJpHXIHURrO2Y0M0ligbHcIr0Pmrt3b1uRrmzTkVdoqT2q0e7mq
PN95b25dX7xuczZ5KUyc0LYVQ+cP/AEg/2zmt2DmvBihUGhO73f85QnzPrtiUrzw
HvV8OmvjAsO6x5uBZhBE+fiAumbHVA==
-----END CERTIFICATE-----
subject=/C=XX/L=Default City/O=Default Company Ltd
issuer=/C=XX/L=Default City/O=Default Company Ltd
---
No client certificate CA names sent
---
SSL handshake has read 775 bytes and written 257 bytes
---
New, TLSv1/SSLv3, Cipher is RC4-MD5
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : SSLv3
Cipher : RC4-MD5
Session-ID: 8133AB1093A222C27E5DA858AB63E6B8C824726A856EFD3EE853FDDD5F1B4BE3
Session-ID-ctx:
Master-Key: 5F6D3B9DA87AAC674428C0DBD4BD21F36EF3B4DC223F407B110ECB9BD38B221AF0477062D248F7744841E715973D390C
Key-Arg : None
Krb5 Principal: None
Start Time: 1431366168
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)
---
GET /Support/ HTTP/1.1
<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7">
<meta name="viewport" content="width=device-width"><script type='text/javascript'>try{document.cookie = 'fjccheck=1';}catch(exception){}</script></head><frameset rows="100%,*" frameborder="no" border="0" framespacing="0">
<frame src="
http://www.http.com/?ga=HmqeklKbLYewQfbEUM3m4JBMgfoAUvPF6Pdoi9NYMx8s23%2BRSrUdOHY3NX81rwnY%2BR1J5pyFO%2BgQKZmdH4g%2BXA%3D%3D&gerf=eJPijblwIkatK9bXiAJRpxMn0f6XrOFY3YJlen9yveo%3D&guro=dX1cp6tjohVsltOURHeF6SD%2FmLRonwh4JCcCbfgHiiD%2BcEExziCASIQuB8Ry2PEt&">
</frameset>
<noframes>
<body bgcolor="#ffffff" text="#000000">
<a href="
http://www.http.com/rg-erdr.php?_rpo=t n8S7Htr&_rdm=9f1NJXWBsNf93a5.JvV&p=5f95%7C%40%7C5f95%7C%40%7Ciii.0rr+.JvV%7C%40%7CfB%7C%40%7C%7C%40%7CZzbHzEZHE%7C%40%7Czbb%7C%40%7C39%7C%40%7C%7C%40%7Ct+nh8llbj%7C%40%7Ct+7zFZKFH&ga=HmqeklKbLYewQfbEUM3m4JBMgfoAUvPF6Pdoi9NYMx8s23%2BRSrUdOHY3NX81rwnY%2BR1J5pyFO%2BgQKZmdH4g%2BXA%3D%3D&t=nfrm">Click here to proceed</a>.
</body>
</noframes></html>
Where per:
https://www.openssl.org/docs/apps/ciphers.html under ssl v3.0: SSL_RSA_WITH_RC4_128_MD5 is RC4-MD5
To be doubly sure I reconfigured apache to accept all ssl versions and all cipher suites. Specvirt is still complaining of the exact same ssl connection error:
2015-05-06 09:25:51:414 SPECweb_Support: [ERROR] STATE 0; makeHttpRequest() failed.
2015-05-06 09:25:51:475 SslConnection: [ERROR] IOException during SSL handshake: javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
2015-05-06 09:25:51:475 Connection: [ERROR] createSocket() failed.
2015-05-06 09:25:51:476 SslConnection: [ERROR] IOException during SSL handshake: javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
2015-05-06 09:25:51:477 Connection: [ERROR] Write to socket failed! IOException was: javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropiate)
2015-05-06 09:25:51:477 SslConnection: [ERROR] IOException during SSL handshake: javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
My Balance Now