“apache”标签相关文章 »

nov 28

Apache/Subversion: SSL negotiation failed: SSL error: parse tlsext

我的 SVN 服务器升级到 FreeBSD 8.0 Release 之后,原先 Apache + SSL + Subversion 的环境,在客户端(包括 Ubuntu 9.10 和 Mac OS X 1.5.8)做任何 SVN 操作的时候,会得到标题给出的提示。

查了下,是因为 TLSv1 协议的问题,不知是 OpenSSL 的 bug 还是 Subversion 的 bug,总之无法正常工作。

修改 Apache 配置文件,屏蔽掉 TLSv1 加密方式:

SSLProtocol -ALL +SSLv3

SSLProtocol +ALL -SSLv2 -TLSv1

SSLProtocol ALL -TLSv1

反正只要没有 TLSv1 就能正常工作,经测试,暂时还未发现新问题。

dirk 发表于 2009-11-28 Saturday
oct 21

When Apache web server with SSL is starting up in FreeBSD system, Apache loads succcessfully and web server functioning properly, but the following warning error occurs:

[warn] (2)No such file or directory: Failed to enable the 'dataready' Accept Filter

The resolution to the above problem is to a accf_data module, which function is to prevents the application from receiving the connected descriptor via accept() until data arrives on the connection, into FreeBSD kernel by using kernel linker:

kldload accf_data

To permanently load enable data Accept Filter FreeBSD kernel module (accf_data), add the following line into /boot/loader.conf:

accf_data_load=”YES”

Note: The default settings is located in /boot/defaults/loader.cnf. To see the related settings about accf, use:

grep accf /boot/defaults/loader.conf

which will returns:

accf_data_load=”NO” # Wait for data accept filter
accf_http_load=”NO” # Wait for full HTTP request accept filter
dirk 发表于 2009-10-21 Wednesday