[lug] Occasional Apache SSL Error
Ben Luey
bluey at iguanaworks.net
Tue Apr 19 18:33:43 MDT 2011
I'm running Debian Lenny with apache (2.2.9-10). This has been true for
over a year now with no problems. One month ago I changed our SSL
certificate as it was about to expire. The old key was 1024 bits and the
new one (required by godaddy) is 2048 bits. It installed fine, chrome,
firefox, etc accept it. Ever since then I occasionally get SSL errors
such as:
Peer's certificate has an invalid signature.
(Error code: sec_error_bad_signature)
from thunderbird (caldav over https via apache).
or:
Error 107 (net::ERR_SSL_PROTOCOL_ERROR): SSL protocol error
from chrome. Whenever I get the error, reloading the page usually fixes
the problem. There appears to be a weak correlation because how often I
get this error and how long apache has been running without a restart.
Any ideas what is going on? Before this change in the SSL certificate
(old and new one were both signed by godaddy) I'd run apache for months
on end with no problems. Same machine, no major upgrades, etc, and I
don't see any errors in the logs. I'm pretty sure this isn't a network
issue as I see the same issue over the internet or on our LAN.
Thanks,
Ben
More information about the LUG
mailing list