WebApp Sec mailing list archives
WebScarab problems with SSL
From: "cgi phantom" <webapps3c () gmail com>
Date: Thu, 17 May 2007 14:22:21 +1000
Hi All, I'm receiving the following error while connecting to ANY ssl enabled web site: 3:52:17 Listener-127.0.0.1:8008(Listener.listen): Proxy listening on 127.0.0.1:8008 13:52:36 Listener-127.0.0.1:8008-2(ConnectionHandler.initSSL): Initialised SSL handler OK 13:52:36 Listener-127.0.0.1:8008-1(ConnectionHandler.initSSL): Initialised SSL handler OK 13:52:36 Listener-127.0.0.1:8008-3(ConnectionHandler.initSSL): Initialised SSL handler OK 13:52:36 Listener-127.0.0.1:8008-2(ConnectionHandler.run): ConnectionHandler got an error : javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake 13:52:36 Listener-127.0.0.1:8008-1(ConnectionHandler.run): ConnectionHandler got an error : javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake 13:53:15 Listener-127.0.0.1:8008-4(SSLContextManager.getSSLContext): Requested SSLContext for null 13:53:15 Listener-127.0.0.1:8008-4(ConnectionHandler.run): IOException retrieving the response for https://www.bla.com:443/portal/images/header/top_bg.gif : javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection? 13:53:26 Listener-127.0.0.1:8008-5(URLFetcher.fetchResponse): http://www.bla.com:80/ : 503 Service Unavailable OR 14:06:41 Listener-127.0.0.1:8008-33(ConnectionHandler.run): IOException retrieving the response for https://www.xxx.com:443/ : java.io.IOException: No SSL cert found matching fingerprint: ------------------------------------------------------------------------- Sponsored by: WatchfireSecuring a web application goes far beyond testing the application using manual processes, or by using automated systems and tools. Watchfire's "Web Application Security: Automated Scanning or Manual Penetration Testing?" whitepaper examines a few vulnerability detection methods - specifically comparing and contrasting manual penetration testing with automated scanning tools. Download it today!
https://www.watchfire.com/securearea/whitepapers.aspx?id=701500000008rSe --------------------------------------------------------------------------
Current thread:
- WebScarab problems with SSL cgi phantom (May 18)