[Modules] [mod_gnutls 0.4.3 / 0.5.1] GnuTLS internal error with Firefox 3

Romain LE DISEZ romain.ledisez at netensia.fr
Tue May 13 11:29:00 EDT 2008 

Hi,

I'm running mod_gnutls with success from few months now. When I updated
my Fedora to Fedora 9, I got Firefox 3 (beta 5).

Firefox 3 can't access to my TLS website. It returns the error :
> Secure Connection Failed
>
>   An error occurred during a connection to intranet.ledisez.net.
>
>   Peer reports it experienced an internal error.
>
>   (Error code: ssl_error_internal_error_alert)

On error.log from Apache :
> GnuTLS: Handshake Failed (-59) 'GnuTLS internal error.'

I join gnutls_debug.

I'm not sure it's a firefox or gnutls bug but the error message 'GnuTLS
internal error' makes me post here.

Thanks for your help.

-- 
Romain LE DISEZ
Netensia
-------------- next part --------------

<4> REC[844f290]: Expected Packet[0] Handshake(22) with length: 1

<4> REC[844f290]: Received Packet[0] Handshake(22) with length: 160

<4> REC[844f290]: Decrypted Packet[0] Handshake(22) with length: 160

<3> HSK[844f290]: CLIENT HELLO was received [160 bytes]

<3> HSK[844f290]: Client's version: 3.1

<2> ASSERT: gnutls_db.c:327

<2> ASSERT: gnutls_db.c:247

<2> EXT[844f290]: Received extension 'SERVER_NAME/0'

<2> EXT[844f290]: Received extension '(null)/10'

<2> EXT[844f290]: Received extension '(null)/11'

<2> EXT[844f290]: Received extension 'SERVER_NAME/0'

<2> EXT[844f290]: Received extension '(null)/10'

<2> EXT[844f290]: Received extension '(null)/11'

<3> HSK[844f290]: Removing ciphersuite: PSK_SHA_ARCFOUR_SHA1

<3> HSK[844f290]: Removing ciphersuite: PSK_SHA_3DES_EDE_CBC_SHA1

<3> HSK[844f290]: Removing ciphersuite: PSK_SHA_AES_128_CBC_SHA1

<3> HSK[844f290]: Removing ciphersuite: PSK_SHA_AES_256_CBC_SHA1

<3> HSK[844f290]: Removing ciphersuite: DHE_PSK_SHA_ARCFOUR_SHA1

<3> HSK[844f290]: Removing ciphersuite: DHE_PSK_SHA_3DES_EDE_CBC_SHA1

<3> HSK[844f290]: Removing ciphersuite: DHE_PSK_SHA_AES_128_CBC_SHA1

<3> HSK[844f290]: Removing ciphersuite: DHE_PSK_SHA_AES_256_CBC_SHA1

<3> HSK[844f290]: Removing ciphersuite: SRP_SHA_3DES_EDE_CBC_SHA1

<3> HSK[844f290]: Removing ciphersuite: SRP_SHA_AES_128_CBC_SHA1

<3> HSK[844f290]: Removing ciphersuite: SRP_SHA_AES_256_CBC_SHA1

<3> HSK[844f290]: Removing ciphersuite: SRP_SHA_DSS_3DES_EDE_CBC_SHA1

<3> HSK[844f290]: Removing ciphersuite: SRP_SHA_RSA_3DES_EDE_CBC_SHA1

<3> HSK[844f290]: Removing ciphersuite: SRP_SHA_DSS_AES_128_CBC_SHA1

<3> HSK[844f290]: Removing ciphersuite: SRP_SHA_RSA_AES_128_CBC_SHA1

<3> HSK[844f290]: Removing ciphersuite: SRP_SHA_DSS_AES_256_CBC_SHA1

<3> HSK[844f290]: Removing ciphersuite: SRP_SHA_RSA_AES_256_CBC_SHA1

<3> HSK[844f290]: Removing ciphersuite: DHE_DSS_ARCFOUR_SHA1

<3> HSK[844f290]: Removing ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1

<3> HSK[844f290]: Removing ciphersuite: DHE_DSS_AES_128_CBC_SHA1

<3> HSK[844f290]: Removing ciphersuite: DHE_DSS_AES_256_CBC_SHA1

<3> HSK[844f290]: Removing ciphersuite: DHE_DSS_CAMELLIA_128_CBC_SHA1

<3> HSK[844f290]: Removing ciphersuite: DHE_DSS_CAMELLIA_256_CBC_SHA1

<3> HSK[844f290]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1

<3> HSK[844f290]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA1

<3> HSK[844f290]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA1

<3> HSK[844f290]: Keeping ciphersuite: DHE_RSA_CAMELLIA_128_CBC_SHA1

<3> HSK[844f290]: Keeping ciphersuite: DHE_RSA_CAMELLIA_256_CBC_SHA1

<3> HSK[844f290]: Keeping ciphersuite: RSA_ARCFOUR_SHA1

<3> HSK[844f290]: Keeping ciphersuite: RSA_ARCFOUR_MD5

<3> HSK[844f290]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA1

<3> HSK[844f290]: Keeping ciphersuite: RSA_AES_128_CBC_SHA1

<3> HSK[844f290]: Keeping ciphersuite: RSA_AES_256_CBC_SHA1

<3> HSK[844f290]: Keeping ciphersuite: RSA_CAMELLIA_128_CBC_SHA1

<3> HSK[844f290]: Keeping ciphersuite: RSA_CAMELLIA_256_CBC_SHA1

<3> HSK[844f290]: Selected cipher suite: DHE_RSA_CAMELLIA_256_CBC_SHA1

<3> HSK[844f290]: Selected Compression Method: NULL

<3> HSK[844f290]: SessionID: eaddc57d6190551c9d481240f67c640b976c1b5678e23e2cc6a63674d641941f

<3> HSK[844f290]: SERVER HELLO was send [74 bytes]

<4> REC[844f290]: Sending Packet[0] Handshake(22) with length: 74

<4> REC[844f290]: Sent Packet[1] Handshake(22) with length: 79

<3> HSK[844f290]: CERTIFICATE was send [1172 bytes]

<4> REC[844f290]: Sending Packet[1] Handshake(22) with length: 1172

<4> REC[844f290]: Sent Packet[2] Handshake(22) with length: 1177

<3> HSK[844f290]: SERVER KEY EXCHANGE was send [653 bytes]

<4> REC[844f290]: Sending Packet[2] Handshake(22) with length: 653

<4> REC[844f290]: Sent Packet[3] Handshake(22) with length: 658

<3> HSK[844f290]: SERVER HELLO DONE was send [4 bytes]

<4> REC[844f290]: Sending Packet[3] Handshake(22) with length: 4

<4> REC[844f290]: Sent Packet[4] Handshake(22) with length: 9

<4> REC[844f290]: Expected Packet[1] Handshake(22) with length: 1

<4> REC[844f290]: Received Packet[1] Handshake(22) with length: 262

<4> REC[844f290]: Decrypted Packet[1] Handshake(22) with length: 262

<3> HSK[844f290]: CLIENT KEY EXCHANGE was received [262 bytes]

<4> REC[844f290]: Expected Packet[2] Change Cipher Spec(20) with length: 1

<4> REC[844f290]: Received Packet[2] Change Cipher Spec(20) with length: 1

<4> REC[844f290]: ChangeCipherSpec Packet was received

<9> INT: PREMASTER SECRET[256]: 499d4b319a4c928fecaf8fee64719b8c0581efabad79cf370406ff7eaa0c05146dfc4f0cc74aa3a49db2085d9224a2928a826bf22c56891e639053728cb7f66867151b6dcb95c3d17a89dd4dcea839fe38b429573ff07c1a8c0b9dfbbd954cdb7d056d6e46b8da3b49128b46f09a7674f7a5c60af69f6c0c4cee292964bf8ecc7f666aef6206786cc3e55cac67f082980f7bf2f580d87e306680d36d8ddbe2c008a26b4f4f9f840c6e546157d00606ae0ceb693cddd928e424b468d9fcb764db35acf708e53c8c3a83134596d6e73453a6859ad46c7b61d54d658f996387ed809f721e8a80792a80c3cc38315cfbbef7733c82c2f847b32d8c7b92af956248

<9> INT: CLIENT RANDOM[32]: 003a111e77500d475e202a8da4d77267058484bff545cff744910daca5da269f

<9> INT: SERVER RANDOM[32]: 4829aec967284abc62da99941ca0f7a8c6171245a7d9009e050ee4ff50ae56f2

<9> INT: MASTER SECRET: 3a674c2188ce7efbea6ead0a7862808df843332a70a6429f6423f83756467b9b67a48cdc539e088ac8cc71f9f4a8a0b7

<9> INT: KEY BLOCK[136]: d0ec1f426756fb5cd4611af9eff1008256c0cd2f4214b2ba5d22f7ec8e17b776

<9> INT: CLIENT WRITE KEY [32]: 105eb37f9868392ab257def0f4d83256507258b5d03b84f0b398d28b3b2f7519

<9> INT: SERVER WRITE KEY [32]: 8391c1aa07f53311a8f4a4ff6074315ab806a37d8c63145dcfc15f9bda84eab0

<3> HSK[844f290]: Cipher Suite: DHE_RSA_CAMELLIA_256_CBC_SHA1

<3> HSK[844f290]: Initializing internal [read] cipher sessions

<2> ASSERT: gnutls_cipher_int.c:89

<1> Crypto cipher[8] error: 4

<2> ASSERT: gnutls_constate.c:601

<2> ASSERT: gnutls_handshake.c:2501

<2> ASSERT: gnutls_handshake.c:2643

<4> REC: Sending Alert[2|80] - Internal error

<4> REC[844f290]: Sending Packet[4] Alert(21) with length: 2

<4> REC[844f290]: Sent Packet[5] Alert(21) with length: 7

More information about the Modules mailing list