apache openssl problems?
Posted: Mar 8th, '25, 20:21Hi!
I'm presently gradually building a new server with Mageia 9. Most of the services are working as expected.
The server also hosts a webdav server requiring apache-mod_ssl. Still not deployed it because I have about 10 remote clients running an old webdav client NetDrive 1.3.4 that does not connect to the new server. It would be very complicated for me to update them, especially since one of them are still on Windows 7. I'm not sure there are any good webdav clients possible to install at the client with windows 7.
The still active webdav server is also a Mageia 9 server on old hardware that has been gradually upgraded from Mageia 6 to Mageia 9 latest.
Other webdav clients like Cyberduck, winscp or latest NetDrive connects perfeclty to the new server as well as a normal browser.
Connecting to the old server works perfectly with the NetDrive client. To try to understand what is the difference between the old an new server I begun compare what open ssl related rpms that differs between the old server and the new.
At the old server the NetDrive client generates the following log in /var/log/httpd/ssl_request.log:
At the new server not any traces of connection or errors are found in /var/log/httpd/access.log , /error.log or /ssl_request.log. Seems that the NetDrive client not even tries to connect to the server.
I found the following rpms installed at the old server but not at the new:
lib64compat-openssl10_1.0.0, version 1.0.2u 1.2.mga7
lib64openssl-engines1.0.0 1, version 1.0.2r 1.mga6.rpm
lib64openssl1.1, version 1.1.1v 1.mga8.rpm
python2-openssl version 18.0.0 2mga.rpm
Can the reason to the connection problems be that the present version of apache-mod_ssl does not support the old NetDrive client? Maybe the old client has a depracated ssl-protocol? It seems to be using Tlsv1. Is there any way to find the above rpm:s and install them on the new server for testing? I searched different repositories without success. Are there any specifical methods to log openssl? Any other hints?
I'm presently gradually building a new server with Mageia 9. Most of the services are working as expected.
The server also hosts a webdav server requiring apache-mod_ssl. Still not deployed it because I have about 10 remote clients running an old webdav client NetDrive 1.3.4 that does not connect to the new server. It would be very complicated for me to update them, especially since one of them are still on Windows 7. I'm not sure there are any good webdav clients possible to install at the client with windows 7.
The still active webdav server is also a Mageia 9 server on old hardware that has been gradually upgraded from Mageia 6 to Mageia 9 latest.
Other webdav clients like Cyberduck, winscp or latest NetDrive connects perfeclty to the new server as well as a normal browser.
Connecting to the old server works perfectly with the NetDrive client. To try to understand what is the difference between the old an new server I begun compare what open ssl related rpms that differs between the old server and the new.
At the old server the NetDrive client generates the following log in /var/log/httpd/ssl_request.log:
[08/Mar/2025:18:50:40 +0100] 192.168.1.9 TLSv1 ECDHE-ECDSA-AES128-SHA "PROPFIND /webdav/ HTTP/1.1" 1220
[08/Mar/2025:18:50:40 +0100] 192.168.1.9 TLSv1 ECDHE-ECDSA-AES128-SHA "PROPFIND /webdav/ HTTP/1.1" 2426
[08/Mar/2025:18:50:40 +0100] 192.168.1.9 TLSv1 ECDHE-ECDSA-AES128-SHA "PROPFIND /webdav/ HTTP/1.1" 1706
[08/Mar/2025:18:50:40 +0100] 192.168.1.9 TLSv1 ECDHE-ECDSA-AES128-SHA "PROPFIND /webdav/ HTTP/1.1" 1706
[08/Mar/2025:18:50:40 +0100] 192.168.1.9 TLSv1 ECDHE-ECDSA-AES128-SHA "PROPFIND /webdav/ HTTP/1.1" 314
[08/Mar/2025:18:50:45 +0100] 192.168.1.9 TLSv1 ECDHE-ECDSA-AES128-SHA "PROPFIND /webdav/Ny%20mapp/ HTTP/1.1" 1197
[08/Mar/2025:18:50:45 +0100] 192.168.1.9 TLSv1 ECDHE-ECDSA-AES128-SHA "PROPFIND /webdav/ HTTP/1.1" 1706
At the new server not any traces of connection or errors are found in /var/log/httpd/access.log , /error.log or /ssl_request.log. Seems that the NetDrive client not even tries to connect to the server.
I found the following rpms installed at the old server but not at the new:
lib64compat-openssl10_1.0.0, version 1.0.2u 1.2.mga7
lib64openssl-engines1.0.0 1, version 1.0.2r 1.mga6.rpm
lib64openssl1.1, version 1.1.1v 1.mga8.rpm
python2-openssl version 18.0.0 2mga.rpm
Can the reason to the connection problems be that the present version of apache-mod_ssl does not support the old NetDrive client? Maybe the old client has a depracated ssl-protocol? It seems to be using Tlsv1. Is there any way to find the above rpm:s and install them on the new server for testing? I searched different repositories without success. Are there any specifical methods to log openssl? Any other hints?