|
No one answered this... but in case anyone is interested I fixed it by
re-introducing the old
check_https from v1.90 works like a charm :-)
malcolm wrote:
v1.132 ldirectord HTTPS negotiate doesn't seem to work:
DEBUG2: Invoking ldirectord invoked as: /etc/rc.d/init.d/ldirectord start
DEBUG2: Starting Linux Director v1.132 with pid: 4944
DEBUG2: Changed virtual server: 192.168.1.21:443
DEBUG2: Enabled server=192.168.1.27
DEBUG2: Checking negotiate: real
server=negotiate:https:tcp:192.168.1.27:443:::1:\/index\.html:Loadbalancer
(virtual=tcp:192.168.1.21:443)
DEBUG2: check_http: url="https://192.168.1.27:443/index.html";
virtualhost="192.168.1.27"
DEBUG2: SSL-Cipher:
DEBUG2: SSL-Cert-Subject:
DEBUG2: SSL-Cert-Issuer:
DEBUG2: Deleted real server: 192.168.1.27:443 ( x 192.168.1.21:443)
DEBUG2: Added fallback server: 127.0.0.1:443 ( x 192.168.1.21:443)
(Weight set to 1)
DEBUG2: Disabled server=192.168.1.27
DEBUG2: check_http: https://192.168.1.27:443/index.html is down
Why is it doing an HTTP check for a HTTPS negotiate?!
I'll take a look at the code but Perl looks like Russian to me... Any
pointers?
v1.99 works fine as bellow same config file.....
DEBUG2: Running exec(/etc/rc.d/init.d/ldirectord -d start)
Running exec(/etc/rc.d/init.d/ldirectord -d start)
DEBUG2: Starting Linux Director v1.99 with pid: 4869
Starting Linux Director v1.99 with pid: 4869
DEBUG2: Running system(/sbin/ipvsadm -E -t 192.168.1.21:443 -s wrr )
Running system(/sbin/ipvsadm -E -t 192.168.1.21:443 -s wrr )
DEBUG2: Changed virtual server: 192.168.1.21:443
Changed virtual server: 192.168.1.21:443
DEBUG2: Running system(/sbin/ipvsadm -e -t 192.168.1.21:443 -r
192.168.1.27:443 -g -w 1)
Running system(/sbin/ipvsadm -e -t 192.168.1.21:443 -r
192.168.1.27:443 -g -w 1)
DEBUG2: Restored real server: 192.168.1.27:443 ( x 192.168.1.21:443)
(Weight set to 1)
Restored real server: 192.168.1.27:443 ( x 192.168.1.21:443) (Weight
set to 1)
DEBUG2: Enabled server=192.168.1.27
DEBUG2: Checking negotiate: real
server=negotiate:https:tcp:192.168.1.27:443::1:\/index\.html:Loadbalancer
(virtual=tcp:192.168.1.21:443)
DEBUG2: Checking https url="https://192.168.1.27:443/index.html";
virtualhost="192.168.1.27"
DEBUG2: Testing: 192.168.1.27, 443, /index.html
Opening connection to 192.168.1.27:443 (192.168.1.27) at
blib/lib/Net/SSLeay.pm (autosplit into
blib/lib/auto/Net/SSLeay/open_tcp_connection.al) line 1462.
Creating SSL 0 context...
Creating SSL connection (context was '139089112')...
Setting fd (ctx 139089112, con 139079488)...
Entering SSL negotiation phase...
Cipher list: DHE-RSA-AES256-SHA, DHE-RSA-AES256-SHA,
DHE-DSS-AES256-SHA, AES256-SHA, EDH-RSA-DES-CBC3-SHA,
EDH-DSS-DES-CBC3-SHA, DES-CBC3-SHA, DES-CBC3-MD5, DHE-RSA-AES128-SHA,
DHE-DSS-AES128-SHA, AES128-SHA, RC2-CBC-MD5, DHE-DSS-RC4-SHA, RC4-SHA,
RC4-MD5, RC4-MD5, RC4-64-MD5, EXP1024-DHE-DSS-DES-CBC-SHA,
EXP1024-DES-CBC-SHA, EXP1024-RC2-CBC-MD5, EDH-RSA-DES-CBC-SHA,
EDH-DSS-DES-CBC-SHA, DES-CBC-SHA, DES-CBC-MD5,
EXP1024-DHE-DSS-RC4-SHA, EXP1024-RC4-SHA, EXP1024-RC4-MD5,
EXP-EDH-RSA-DES-CBC-SHA, EXP-EDH-DSS-DES-CBC-SHA, EXP-DES-CBC-SHA,
EXP-RC2-CBC-MD5, EXP-RC2-CBC-MD5, EXP-RC4-MD5, EXP-RC4-MD5\n at
blib/lib/Net/SSLeay.pm (autosplit into
blib/lib/auto/Net/SSLeay/sslcat.al) line 1765.
SSLeay connect returned 1
Cipher `DHE-RSA-AES256-SHA'
Subject Name: /C=XY/ST=Snake Desert/L=Snake Town/O=Snake Oil,
Ltd/OU=Webserver Team/CN=www.snakeoil.dom/emailAddress=www@xxxxxxxxxxxx
Issuer Name: /C=XY/ST=Snake Desert/L=Snake Town/O=Snake Oil,
Ltd/OU=Certificate Authority/CN=Snake Oil CA/emailAddress=ca@xxxxxxxxxxxx
sslcat 4874: sending 61 bytes...
write_all VM at entry=vm_unknown
written so far 61:61 bytes (VM=vm_unknown)
waiting for reply...
got 576:0 bytes (VM=vm_unknown).
Thanks in advance for any help,
Regards,
Malcolm.
_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://www.in-addr.de/mailman/listinfo/lvs-users
|
