enable_ssl returns incorrect MAC

Jim Blomo jim at pbwiki.com
Thu Dec 13 22:12:21 UTC 2007

Hi all, I'm trying out Perlbal 1.60 with SSL but I'm getting back
responses with an "incorrect Message Authentication Code" (error from
Firefox).  I've verified the key file and certificate, and tried the
configuration on 2 different machines.  HTTP responses work fine, and
the debugging output is identical except for the "upgraded to SSL"
message: the ssl configuration is identical except for the ssl
specific options.  Is this a known problem; is there a solution?  Here
are some details:

Debugging info:
beginning run
Got new conn: IO::Socket::INET=GLOB(0x884071c) ([IP]:60973) for web_server
CA file certs/my-ca.pem not found, using CA path instead.
  .. socket upgraded to SSL!
Perlbal::Socket::read_headers(Perlbal::ClientHTTP=ARRAY(0x8841b90)) is_res=0
  pre-parsed headers: [GET /version5/js/prototype.js HTTP/1.1
Host: sf38.coceve.com
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:
Gecko/20061201 Firefox/ (Ubuntu-feisty)
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive]
  got valid headers
  service's persist_client = 0
  doing connection: close
write(Perlbal::ClientHTTP=ARRAY(0x8841b90), <223>"HTTP/1.0 200 OK
...") from (Perlbal::ClientHTTPBase,
/usr/local/share/perl/5.8.8/Perlbal/ClientHTTPBase.pm, 496)
REPROXY Sent: 17019
REPROXY Sent: 10080
REPROXY Sent: 20504 [ed: this is the correct length of the response]

Debian etch with libssl-dev 0.9.8c-4etch1, libssl0.9.8 0.9.8c-4etch1,
openssl 0.9.8c-4etch1
Danga::Socket 1.57
IO::Socket::SSL 1.12
Net::SSLeay 1.32

Thanks for help, or pointers on what to debug next.


More information about the perlbal mailing list