You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@trafficserver.apache.org by "Brian Geffon (JIRA)" <ji...@apache.org> on 2014/08/05 20:36:13 UTC

[jira] [Assigned] (TS-2986) Adding stats to TLS errors

     [ https://issues.apache.org/jira/browse/TS-2986?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Brian Geffon reassigned TS-2986:
--------------------------------

    Assignee: Brian Geffon

> Adding stats to TLS errors
> --------------------------
>
>                 Key: TS-2986
>                 URL: https://issues.apache.org/jira/browse/TS-2986
>             Project: Traffic Server
>          Issue Type: Improvement
>          Components: SSL
>            Reporter: Alexey Ivanov
>            Assignee: Brian Geffon
>             Fix For: 5.1.0
>
>
> Currently we are seeing lots of following errors in our logs, esp. :
> {code}
> ERROR: SSL::47359264352000:error:140943F2:SSL routines:SSL3_READ_BYTES:sslv3 alert unexpected message:s3_pkt.c:1275:SSL alert number 10
> {code}
> and
> {code}
> Aug  2 21:08:10 lva1-app9963 traffic_server[28078]: {0x2b12b0c18700} ERROR: SSL::47359274878720:error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate:s3_pkt.c:1275:SSL alert number 42
> {code}
> I think it's better to replace those with debug message and counter. Also not logging stuff in {{ssl_read_from_net}} can remove some DDoS vectors.
> [~briang] will take a look into it.



--
This message was sent by Atlassian JIRA
(v6.2#6252)