Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Unable to access https sites from linux
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Off the Wall
View previous topic :: View next topic  
Author Message
Abandon
n00b
n00b


Joined: 18 May 2002
Posts: 33
Location: Madison, WI

PostPosted: Sun Jun 23, 2002 3:20 pm    Post subject: Unable to access https sites from linux Reply with quote

I'm having a slight problem accessing some https sites. I can access the sites fine from a Windows 98 machine on the same network. From linux though, no matter which browser I use, I'm stuck in connecting. The following is the URL for my banking site which is one example. Anyone have any suggestions what could be wrong?

https://pcbranch.capitolcu.org/webpb/index.php
Back to top
View user's profile Send private message
magoo
n00b
n00b


Joined: 06 May 2002
Posts: 36
Location: Halifax, Canada

PostPosted: Sun Jun 23, 2002 5:11 pm    Post subject: Reply with quote

you'll need to emerge dev-libs/openssl i do believe. you may possibly have to recompile your browsers with "ssl" added to your USE= line in order for SSL to work.
_________________
magoo
Back to top
View user's profile Send private message
Abandon
n00b
n00b


Joined: 18 May 2002
Posts: 33
Location: Madison, WI

PostPosted: Sun Jun 23, 2002 6:02 pm    Post subject: Reply with quote

I checked. I currently have dev-libs/openssl 0.9.6d installed and the make.defaults already includes use ssl. I know they were used for the compile of the browser because I only upgraded to Mozilla 1.0-r2 a couple of days ago.

In addition, I can access other SSL sites. My company use Outlook web access which works just fine for me and I know that requires 128bit SSL.

I also tried tweaking the SSL settings under preferences in both Mozilla and Konqueror. I turned off support for various ciphers and versions of SSL without any effect.
Back to top
View user's profile Send private message
fghellar
Bodhisattva
Bodhisattva


Joined: 10 Apr 2002
Posts: 856
Location: Porto Alegre, BR

PostPosted: Sun Jun 23, 2002 11:37 pm    Post subject: Re: Unable to access https sites from linux Reply with quote

Abandon wrote:
I'm having a slight problem accessing some https sites. I can access the sites fine from a Windows 98 machine on the same network. From linux though, no matter which browser I use, I'm stuck in connecting. The following is the URL for my banking site which is one example. Anyone have any suggestions what could be wrong?

https://pcbranch.capitolcu.org/webpb/index.php

Some banks just deny access with "untested"/"unsupported" browsers... Maybe if you try with Netscape instead of Mozilla, or make Mozilla pretend to be Netscape/MSIE, you can get it...
_________________
| www.gentoo.org | www.tldp.org | www.google.com |
Back to top
View user's profile Send private message
Abandon
n00b
n00b


Joined: 18 May 2002
Posts: 33
Location: Madison, WI

PostPosted: Mon Jun 24, 2002 1:31 am    Post subject: Reply with quote

I tried the following line in the prefs.js file

user_pref("general.useragent.override", "Mozilla/5.0 (compatible; MSIE 5.5; Windows 98; I)");

Which according to a write up on Mozilla.org should change the user-agent string the browser returns. The actual string I got from web testing site that showed the user-agent strings different browsers return. The part at the beginning was "Mozilla/4.0" but Mozilla wouldn't start unless I changed it.

Anyway I tested and still get the same results. It's like the site isn't even there. I'm stuck connecting until the connect times out.
Back to top
View user's profile Send private message
jtmace
Tux's lil' helper
Tux's lil' helper


Joined: 20 Jun 2002
Posts: 101

PostPosted: Mon Jun 24, 2002 4:42 pm    Post subject: Reply with quote

is that the only site or is it every site?? I can browse it just fine.
Back to top
View user's profile Send private message
Abandon
n00b
n00b


Joined: 18 May 2002
Posts: 33
Location: Madison, WI

PostPosted: Mon Jun 24, 2002 10:03 pm    Post subject: Reply with quote

That's the only one I remember the address for right now but there have been some e-commerce sites in the past that haven't worked. For those I've always just choosen to shop elsewhere. For my credit union though going elsewhere would be a more involved decision.

This might not help but when I do a tcpdump trace of the communications between my machine and the internet I can see a syn packet go out but I never see a reply packet back. If I use telnet to open a connection to the site it just sits connecting. If I telnet to another secure site it does actually connect. No data back but that's most likely becasue telnet can't negotiate a secure connection.

It would seem that for some reason the response packet is never coming back. I wonder if there are any kernel configurations that could interfere with certain kinds of connections.
Back to top
View user's profile Send private message
Abandon
n00b
n00b


Joined: 18 May 2002
Posts: 33
Location: Madison, WI

PostPosted: Wed Jul 17, 2002 12:38 am    Post subject: Fixed Reply with quote

I finally corrected this and thought I'd post the solution in case any one else encounter this problem. It turns out thatat some point when configuring my kernel build I turn on Explicit congestion notification. This sets a newly defined bit in the header of syn packets. Some firewalls mistakenly throw out packets using this new option. You can correct the problem by either recompiling your kernel without ecn or by doing the following at a command prompt or in a init script every time you boot.

echo 0 > /proc/sys/net/ipv4/tcp_ecn

Just goes to show you really need to watch what options you select in the kernel.
Back to top
View user's profile Send private message
reverius42
Apprentice
Apprentice


Joined: 16 Jul 2002
Posts: 166
Location: Tucson, AZ

PostPosted: Wed Jul 17, 2002 10:25 pm    Post subject: Re: Unable to access https sites from linux Reply with quote

fghellar wrote:
Abandon wrote:
I'm having a slight problem accessing some https sites. I can access the sites fine from a Windows 98 machine on the same network. From linux though, no matter which browser I use, I'm stuck in connecting. The following is the URL for my banking site which is one example. Anyone have any suggestions what could be wrong?

https://pcbranch.capitolcu.org/webpb/index.php

Some banks just deny access with "untested"/"unsupported" browsers... Maybe if you try with Netscape instead of Mozilla, or make Mozilla pretend to be Netscape/MSIE, you can get it...


How do you tell Mozilla to fake its browser ID? I can't find where to do it...

I do know that Opera has an option to fake browser ID, and comes with presets for Netscape and Internet Explorer... but I don't like to use Opera.
_________________
Even a stopped clock gives the right time twice a day.
Back to top
View user's profile Send private message
Abandon
n00b
n00b


Joined: 18 May 2002
Posts: 33
Location: Madison, WI

PostPosted: Thu Jul 18, 2002 3:09 am    Post subject: Reply with quote

You might try reading the following document.

http://www.mozilla.org/unix/customizing.html

Near the end it discusses the prefs.js file and the options it controls. The specific option your looking for is general.useragent.override. I'm really not sure why this isn't more accessable. Or maybe it is I just don't know about it.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Off the Wall All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum