linux – IPv6工作正常,IPv4抛出OpenSSL错误

前端之家收集整理的这篇文章主要介绍了linux – IPv6工作正常,IPv4抛出OpenSSL错误前端之家小编觉得挺不错的,现在分享给大家,也给大家做个参考。
我正在构建一个Web服务器( http://blog.linformatronics.nl/),它在IPv4和IPv6以及使用非SSL连接时都能正常运行.但是,当我通过https连接到它时,IPv6按预期工作,但IPv4连接会引发客户端错误. IPv4 / https连接的服务器端日志为空.在表格中总结:
| http  | https
-----+-------+-------------------------------------------------------
IPv4 | works | OpenSSL error,Failed. No server side logging.
-----+-------+-------------------------------------------------------
IPv6 | works | self signed certificate warning,but works as expected

显然,甚至没有设置SSL隧道,这说明Apache日志是空的.但为什么它适用于IPv6并且IPv4失败?
我的问题是为什么抛出这个OpenSSL错误,我该如何解决

以下是有关设置的一些额外信息.

IPv6 https

用于重现IPv6 / https行为的命令:

$wget --no-check-certificate -O /dev/null -6 https://blog.linformatronics.nl
--2012-11-03 15:46:48--  https://blog.linformatronics.nl/
Resolving blog.linformatronics.nl (blog.linformatronics.nl)... 2001:980:1b7f:1:a00:27ff:fea6:a2e7
Connecting to blog.linformatronics.nl (blog.linformatronics.nl)|2001:980:1b7f:1:a00:27ff:fea6:a2e7|:443... connected.
WARNING: cannot verify blog.linformatronics.nl's certificate,issued by `/CN=localhost':
  Self-signed certificate encountered.
    WARNING: certificate common name `localhost' doesn't match requested host name `blog.linformatronics.nl'.
HTTP request sent,awaiting response... 200 OK
Length: 4556 (4.4K) [text/html]
Saving to: `/dev/null'

100%[=======================================================================>] 4,556       --.-K/s   in 0s      

2012-11-03 15:46:49 (62.5 MB/s) - `/dev/null' saved [4556/4556]

IPv4 https

用于重现IPv6 / https行为的命令:

$wget --no-check-certificate -O /dev/null -4 https://blog.linformatronics.nl
--2012-11-03 15:47:28--  https://blog.linformatronics.nl/
Resolving blog.linformatronics.nl (blog.linformatronics.nl)... 82.95.251.247
Connecting to blog.linformatronics.nl (blog.linformatronics.nl)|82.95.251.247|:443... connected.
OpenSSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
Unable to establish SSL connection.

笔记

>我在Ubuntu Server 12.04.1 LTS上

解决方法

您有一些严重的防火墙/ NAT配置错误.您实际上并未在端口443上运行Web服务器…
$telnet 82.95.251.247 443
Trying 82.95.251.247...
Connected to 82.95.251.247.
Escape character is '^]'.
SSH-2.0-OpenSSH_6.0p1 Debian-3ubuntu1

您的IPv6服务似乎已被防火墙关闭……

$telnet 2001:980:1b7f:1:a00:27ff:fea6:a2e7 443
Trying 2001:980:1b7f:1:a00:27ff:fea6:a2e7...
telnet: connect to address 2001:980:1b7f:1:a00:27ff:fea6:a2e7: Permission denied

修复您的防火墙和/或错误端口服务问题,您应该发现事情开始起作用.

猜你在找的Linux相关文章