If I am running Hunchentoot standalone with ssl, should it be able to handle requests that are NOT using ssl as well? Currently, I am getting the following error if I send a request to "http" and not "https":
[2007-07-09 10:56:45 [ERROR]] Error while processing connection: A failure in the SSL library occurred on handle #.(SB-SYS:INT-SAP #X080EE6E0). (Return code: 1)SSL error queue: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request
Do people normally start two servers, one w/ ssl and one w/o, if they want to be able to handle both types of requests? The requests would be to different resources, obviously.
-austin
On Mon, 2007-07-09 at 11:06 -0400, Austin Haas wrote:
If I am running Hunchentoot standalone with ssl, should it be able to handle requests that are NOT using ssl as well? Currently, I am getting the following error if I send a request to "http" and not "https":
Just to get things clear: are you trying to do this on _one_ port (i.e. non-SSL connects on the same port as SSL)?
Cheers, RalfD
Yes, one port. Maybe that is where my own internal logic is breaking down. I was thinking about one instance of Apache handling both ssl and non-ssl connections, though it uses separate ports.
-austin
Scribit Austin Haas dies 09/07/2007 hora 13:16:
Yes, one port. Maybe that is where my own internal logic is breaking down.
Well, I don't know about earlier versions of SSL, and which ones Hunchentoot handles, but TLS has a START-TLS command that enables the use of the same port for clear and encrypted communications.
Duplication of ports for secure channels would be a nightmare if it was generalized.
Quickly, Pierre
On Mon, 9 Jul 2007 13:16:11 -0400, Austin Haas austin@pettomato.com wrote:
Yes, one port. Maybe that is where my own internal logic is breaking down. I was thinking about one instance of Apache handling both ssl and non-ssl connections, though it uses separate ports.
You'll have to start two different Hunchentoot servers (one for each port, one SSL and one not) then. As a result, you'll have one Lisp image handling all connections which is very similar to the Apache setup.
Edi.
-
Austin Haas -
Edi Weitz -
Pierre THIERRY -
Ralf Mattes