Hello Yutaka,

I have been running Delegate for the past few days.  However, there are some
instances where I cannot establish a session with the HTTPS site.  The
console logs show this error:

5684:error:1406D044:SSL routines:GET_SERVER_HELLO:internal
error:s2_clnt.c:528

Oftentimes, i need to restart Delegate so I can re-establish a session with
the HTTPS site once more.

Also, according to the HTTPS Site guy, he does not see any request coming in
from Delegate...

Can you help advise what this error mean?  Does this problem happen
regarding the client/server authentication phase?

Here is how I start the process:

./delegated -v -P$DELEDATE_LISTNER_PORT SERVER=http FSV="sslway -ssl2 -Vrfy
-CAfile pems/TrivnetCA.crt -cert pems/ggs-delegate.crt -key pems/ggs-
delegate.key -pass pass:1234 " MOUNT="/* $HTTPS_HOST_URL/*" RES_WAIT=0
DGROOT=/opt/gemalto/delegate951 &

Here are  the complete logs.

4/17 17:14:40.44 [5691] 4+1: (0) accepted [31] -@[192.168.11.116]OTA1:62345
(0.006s)(1)
04/17 17:14:40.45 [5691] 4+1: Proxy: host=OTA1; User-Agent: ; DIRECT
04/17 17:14:40.45 [5691] 4+1: HCKA:[0] close; host=OTA1; (User-Agent: )
04/17 17:14:40.45 [5691] 4+1: REQUEST - GET
/WinFacadeWeb/SmsServlet?SMS%5fserviceName=P2P&SMS%5fbucketType=regular&SMS%5fsourceMsisdn=628811051102&SMS%5fdestMsisdn=628811051102&SMS%5frechargeAmount=5000&SMS%5fpin=1357
HTTP/1.1^M
04/17 17:14:40.45 [5691] 4+1: ***
/WinFacadeWeb/SmsServlet?SMS%5fserviceName=P2P&SMS%5fbucketType=regular&SMS%5fsourceMsisdn=628811051102&SMS%5fdestMsisdn=628811051102&SMS%5frechargeAmount=5000&SMS%5fpin=1357
=>
https://winapi.wireless.co.id/WinFacadeWeb/SmsServlet?SMS%5fserviceName=P2P&SMS%5fbucketType=regular&SMS%5fsourceMsisdn=628811051102&SMS%5fdestMsisdn=628811051102&SMS%5frechargeAmount=5000&SMS%5fpin=1357***
04/17 17:14:40.45 [5691] 4+1: REQUEST +M
https://winapi.wireless.co.id/WinFacadeWeb/SmsServlet?SMS%5fserviceName=P2P&SMS%5fbucketType=regular&SMS%5fsourceMsisdn=628811051102&SMS%5fdestMsisdn=628811051102&SMS%5frechargeAmount=5000&SMS%5fpin=1357HTTP/1.1^M
04/17 17:14:40.45 [5691] 4+1: ***
/WinFacadeWeb/SmsServlet?SMS%5fserviceName=P2P&SMS%5fbucketType=regular&SMS%5fsourceMsisdn=628811051102&SMS%5fdestMsisdn=628811051102&SMS%5frechargeAmount=5000&SMS%5fpin=1357
=>
https://winapi.wireless.co.id/WinFacadeWeb/SmsServlet?SMS%5fserviceName=P2P&SMS%5fbucketType=regular&SMS%5fsourceMsisdn=628811051102&SMS%5fdestMsisdn=628811051102&SMS%5frechargeAmount=5000&SMS%5fpin=1357***
04/17 17:14:40.45 [5691] 4+1: PATH>
https://winapi.wireless.co.id:443!OTA1:8077!OTA1:62345!anonymous@OTA1;1176804880
04/17 17:14:40.45 [5691] 4+1: REQUEST = [https://winapi.wireless.co.id:443/]
GET
/WinFacadeWeb/SmsServlet?SMS%5fserviceName=P2P&SMS%5fbucketType=regular&SMS%5fsourceMsisdn=628811051102&SMS%5fdestMsisdn=628811051102&SMS%5frechargeAmount=5000&SMS%5fpin=1357
HTTP/1.1^M
04/17 17:14:40.45 [5691] 4+1: XHost: (0,0,1) winapi.wireless.co.id <=
gemhost:8077
04/17 17:14:40.45 [5691] 4+1: ConnectToServer connected [14] {
192.168.11.110:443 <- 192.168.11.116:62346} [0.000s]
04/17 17:14:40.45 [5691] 4+1: willSTLS_SV: ServerFlags=10
04/17 17:14:40.45 [5692] 4+1: -- Fork(FSV): 5691 -> 5692
04/17 17:14:40.46 [5691] 4+1: HTTP => (winapi.wireless.co.id:443) GET
/WinFacadeWeb/SmsServlet?SMS%5fserviceName=P2P&SMS%5fbucketType=regular&SMS%5fsourceMsisdn=628811051102&SMS%5fdestMsisdn=628811051102&SMS%5frechargeAmount=5000&SMS%5fpin=1357
HTTP/1.1^M
04/17 17:14:40.47 [5692] 4+1: ## SSLway loadSession 0.000582 (1 0) / 1
04/17 17:14:40.48 [5692] 4+1: ## SSLway connect failed
5692:error:1406D044:SSL routines:GET_SERVER_HELLO:internal
error:s2_clnt.c:528:
04/17 17:14:40.48 [5692] 4+1: builtin-SSLway: ssl_conn() failed
04/17 17:14:40.48 [5691] 4+1: HTTP relay_response: EOF at start
04/17 17:14:40.48 [5691] 4+1: #HT11 EOF from the client (2)
04/17 17:14:40.48 [5691] 4+1: #HT11 close svsokcs[20,21]
04/17 17:14:40.48 [5691] 4+1/1: WaitShutdown 1/0 xpid=0 errno=0/10 0 8 0
0.000
04/17 17:14:40.49 [5691] 4+1/1: WaitShutdown 1/0 xpid=5692 errno=0/10 0 8 0
0.012
04/17 17:14:40.49 [5691] 4+1/1: disconnected [31] -@[192.168.11.116]OTA1:62345
(0.052s)(0)
04/17 17:14:40.49 [5691] 4+1/1: CFI process none (0/1)
OTA1 - - [17/Apr/2007:17:14:40 +0700] "GET
https://winapi.wireless.co.id/WinFacadeWeb/SmsServlet?SMS%5fserviceName=P2P&SMS%5fbucketType=regular&SMS%5fsourceMsisdn=628811051102&SMS%5fdestMsisdn=628811051102&SMS%5frechargeAmount=5000&SMS%5fpin=1357HTTP/1.1"
500 0 0*
0.000+0.000:P:0-
04/17 17:14:40.49 [5691] 4+1: StickyServer done
[nonStickyProtocol(http:https:https)] 1 req / 1 conn / 0 sec


Thanks,
Chris

On 3/22/07, Yutaka Sato <pficabdyi-mykgh42ow6tw.ml@delegate.org> wrote:
>
> Hi,
>
> In message <_A3665@delegate-en.ML_>
> on 03/21/07(17:27:45)
> you "Kwis Angelo" <phyhabdyi-mykgh42ow6tw.ml@delegate.org> wrote:
> |I think I have found the right parameter to run Delegate with the right
> |client certificate.  But we had some problems when establishing a session
> |with the HTTPS site;
> |
> |====================================================================
> |
> |$/delegated -v -P$DELEDATE_LISTNER_PORT SERVER=http STLS="fsv,sslway
> -Vrfy
> |-CAfile pems/CA.crt -cert pems/ggs-delegate.crt -key
> |pems/ggs-delegate.key-pass pass:1234" MOUNT="/* $HTTPS_HOST_URL/*"
> |RES_WAIT=0 ADMINPASS=gemuser
> |DGROOT=/opt/delegate951
> ...
> |03/20 17:42:27.34 [22869] 7+1: willSTLS_SV: ServerFlags=30
>
> I noticed that the log shows that DeleGate is not applying SSL with
> the server.  It is because your command line seems to include
> the ":" character int the options for SSLway.  In such case, you need
> to wrap the SSLway options with { and } as follows:
>
> STLS="fsv,{sslway ... argument including : ... }"
>
> Cheers,
> Yutaka
> --
>   9 9   Yutaka Sato <pfqcabdyi-mykgh42ow6tw.ml@delegate.org> http://delegate.org/y.sato/
> ( ~ )  National Institute of Advanced Industrial Science and Technology
> _<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
> Do the more with the less -- B. Fuller
>