[lug] Occasional Apache SSL Error

Ben Luey bluey at iguanaworks.net
Tue Apr 19 18:33:43 MDT 2011


I'm running Debian Lenny with apache (2.2.9-10). This has been true for 
over a year now with no problems. One month ago I changed our SSL 
certificate as it was about to expire. The old key was 1024 bits and the 
new one (required by godaddy) is 2048 bits. It installed fine, chrome, 
firefox, etc accept it. Ever since then I occasionally get SSL errors 
such as:

Peer's certificate has an invalid signature.
(Error code: sec_error_bad_signature)

from thunderbird (caldav over https via apache).

or:

Error 107 (net::ERR_SSL_PROTOCOL_ERROR): SSL protocol error

from chrome. Whenever I get the error, reloading the page usually fixes 
the problem. There appears to be a weak correlation because how often I 
get this error and how long apache has been running without a restart.

Any ideas what is going on? Before this change in the SSL certificate 
(old and new one were both signed by godaddy) I'd run apache for months 
on end with no problems. Same machine, no major upgrades, etc, and I 
don't see any errors in the logs. I'm pretty sure this isn't a network 
issue as I see the same issue over the internet or on our LAN.

Thanks,
Ben





More information about the LUG mailing list