WebApp Sec mailing list archives

Previous By Date Next
Previous By Thread Next

WebScarab problems with SSL

From: "cgi phantom" <webapps3c () gmail com>
Date: Thu, 17 May 2007 14:22:21 +1000
Hi All,

I'm receiving the following error while connecting to ANY ssl enabled web site:

3:52:17 Listener-127.0.0.1:8008(Listener.listen): Proxy listening on
127.0.0.1:8008
13:52:36 Listener-127.0.0.1:8008-2(ConnectionHandler.initSSL):
Initialised SSL handler OK
13:52:36 Listener-127.0.0.1:8008-1(ConnectionHandler.initSSL):
Initialised SSL handler OK
13:52:36 Listener-127.0.0.1:8008-3(ConnectionHandler.initSSL):
Initialised SSL handler OK
13:52:36 Listener-127.0.0.1:8008-2(ConnectionHandler.run):
ConnectionHandler got an error : javax.net.ssl.SSLException:
Connection has been shutdown: javax.net.ssl.SSLHandshakeException:
Remote host closed connection during handshake
13:52:36 Listener-127.0.0.1:8008-1(ConnectionHandler.run):
ConnectionHandler got an error : javax.net.ssl.SSLException:
Connection has been shutdown: javax.net.ssl.SSLHandshakeException:
Remote host closed connection during handshake
13:53:15 Listener-127.0.0.1:8008-4(SSLContextManager.getSSLContext):
Requested SSLContext for null
13:53:15 Listener-127.0.0.1:8008-4(ConnectionHandler.run): IOException
retrieving the response for
https://www.bla.com:443/portal/images/header/top_bg.gif :
javax.net.ssl.SSLException: Unrecognized SSL message, plaintext
connection?
13:53:26 Listener-127.0.0.1:8008-5(URLFetcher.fetchResponse):
http://www.bla.com:80/ : 503 Service Unavailable


OR


14:06:41 Listener-127.0.0.1:8008-33(ConnectionHandler.run):
IOException retrieving the response for https://www.xxx.com:443/ :
java.io.IOException: No SSL cert found matching fingerprint:

-------------------------------------------------------------------------
Sponsored by: Watchfire
Securing a web application goes far beyond testing the application using manual processes, or by using automated systems and tools. Watchfire's "Web Application Security: Automated Scanning or Manual Penetration Testing?" whitepaper examines a few vulnerability detection methods - specifically comparing and contrasting manual penetration testing with automated scanning tools. Download it today! 

https://www.watchfire.com/securearea/whitepapers.aspx?id=701500000008rSe
--------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: