#native_company# #native_desc#
#native_cta#

“Cannot find server or DNS Error” IE & SSL problem

By man0n
on August 31, 2001

The Problem
===========
Many people using CGI scripts running through the SSL server have found
weird unrelated errors appearing when using MSIE (not Netscape or Opera
BTW), like:
I/O Errors
Insecure Item Errors
DNS Errors

My customers have reported this error manytimes:
"Cannot find server or DNS Error"

This error is not permanent if you press back button and press submit button
again at any script, it will work again when this happend.

But we have noticed that it could be a problem for us to lose sales at our
website http://cables2.com where we sale mobile phone accessories and data cables
for data transmission and unlock.

The Real Problem
================
<sarcasm&gt;Surprisingly</sarcasm&gt;, MS IE has many small smelly bugs
in it in
areas that the other browsers mentioned do not.

After much hacking, testing, scripting, tears and tantrums, (and internet
searching), I finally found a technical reference and workaround for the
problem at:
When I connect via HTTPS to an Apache+mod_ssl+OpenSSL server with Microsoft
Internet Explorer (MSIE) I get various I/O errors. What is the reason?

http://www.modssl.org/docs/2.6/ssl_faq.html#io-ie

The Solution
============
Using the information from the article above, if you have users experiencing
this problem (we do with different CGI scripts running through SSL), here’s
the modification we made:

Change the following block of code in /etc/httpd/httpd.conf (large chunk to
help find it)

from:

                $PerlConfig .= "Listen $ip:443n";
                $PerlConfig .= "<VirtualHost $ip:443>n";
                $PerlConfig .= "SSLengine onn";
                $PerlConfig .= "SSLCertificateFile
/home/sites/$group/certs/certificaten";
                $PerlConfig .= "SSLCertificateKeyFile
/home/sites/$group/certs/keyn";
                $PerlConfig .= join('', @ssl_conf);

to:

                $PerlConfig .= "Listen $ip:443n";
                $PerlConfig .= "<VirtualHost $ip:443>n";
                $PerlConfig .= "SetEnvIf User-Agent ".*MSIE.*" \n";
                $PerlConfig .= "        nokeepalive ssl-unclean-shutdown \n";
                $PerlConfig .= "        downgrade-1.0 force-response-1.0n";
                $PerlConfig .= "SSLengine onn";
                $PerlConfig .= "SSLCertificateFile
/home/sites/$group/certs/certificaten";
                $PerlConfig .= "SSLCertificateKeyFile
/home/sites/$group/certs/keyn";
                $PerlConfig .= join('', @ssl_conf);

Restart Apache.

Conclusion
==========
If your server is using ssl maybe you can get this problem too. So update your
httpd.conf or your site will not works correctly.

Regards,

Manuel Gallego.
Webmaster
http://cables2.com
The biggest mobile phone accesories and data cables store