We've got LiteSpeed Web Server 4.0.19 installed on a CentOS 5.5 x86_64 base. A chained CA SSL certificate is installed on one of the virtual hosts as an SSL listener on the standard port 443.
All Windows based browsers and clients can access the site without any problems over SSL. However, when a Mac with Safari or Chrome, or an iPad, tries to access the site they get a 500 Internal Server error. When this certificate is installed on an Apache server there's no problem or error with any clients on Windows or Mac.
It seemed to be an SSL negotiation error so we referenced Apple's mod_ssl developer list and changed the LiteSpeed Web Server cipher manually to "ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL" as a test but that still does not work for these Mac based clients. We then backed out SSLv2 and enabled SSLv3 and TLSv1 as another test "ALL:!ADH:!EXPORT56:RC4+RSA:+SSLv3:-SSLv2:+TLSv1:+HIGH:+MEDIUM:+LOW:+EXP:+eNULL" but this also fails for these Mac based clients.
When the entire site structure is removed and we only have a "hello world" file there the clients get a timeout error. We have increased all the LSWS timeouts, dynamic and static etc, to 60 seconds and longer to no avail.
Has anyone else experienced problems with SSL and LSWS web server like this and were able to overcome them?
All Windows based browsers and clients can access the site without any problems over SSL. However, when a Mac with Safari or Chrome, or an iPad, tries to access the site they get a 500 Internal Server error. When this certificate is installed on an Apache server there's no problem or error with any clients on Windows or Mac.
It seemed to be an SSL negotiation error so we referenced Apple's mod_ssl developer list and changed the LiteSpeed Web Server cipher manually to "ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL" as a test but that still does not work for these Mac based clients. We then backed out SSLv2 and enabled SSLv3 and TLSv1 as another test "ALL:!ADH:!EXPORT56:RC4+RSA:+SSLv3:-SSLv2:+TLSv1:+HIGH:+MEDIUM:+LOW:+EXP:+eNULL" but this also fails for these Mac based clients.
When the entire site structure is removed and we only have a "hello world" file there the clients get a timeout error. We have increased all the LSWS timeouts, dynamic and static etc, to 60 seconds and longer to no avail.
Has anyone else experienced problems with SSL and LSWS web server like this and were able to overcome them?
Last edited by a moderator: