W3C home > Mailing lists > Public > www-validator@w3.org > August 2006

Re: LinkCheck 4.2.1 and SSL Certificates

From: <Nicholas.Z.Gavriniotis@transport.qld.gov.au>
Date: Thu, 24 Aug 2006 11:28:45 +1000
To: VilleSkyttä <ville.skytta@iki.fi>
Cc: Nicholas.Z.Gavriniotis@transport.qld.gov.au, www-validator@w3.org, www-validator-request@w3.org
Message-ID: <OF5BB2FF79.15054394-ON4A2571D4.00073BC1-4A2571D4.00082007@transport.qld.gov.au>

www-validator-request@w3.org wrote on 24/08/2006 04:27:17 AM:

> On Wed, 2006-08-23 at 16:15 +1000,
> Nicholas.Z.Gavriniotis@transport.qld.gov.au wrote:
> > Hi there!
> >
> > I am using the LinkChecker to validate all links on our new company 
front
> > end and I have come an SSL issue (well what I think is an SSL issue). 
I
> > have installed the link check software onto a local server and set the
> > linkchecker to use proxy settings which are defined using mod_env.
> >
> > When I do the linkcheck, I get Response 500 as seen below in the 
report:
> >
> > https://<URL>/<URI>/<PAGE>.jsp
> > What to do: This is a server side problem. Check the URI.
> > Response status code: 500
> > Response message: Can't connect to www.<URL>:443 (connect: No route to
> > host)
> > Line: 306
> >
> > Now when I load that page in my browser, the page loads up correctly
> > without issue.  I was curious, could this error be caused by the fact 
that
> > the pages are SSL and that the certificate that is used for SSL is 
self
> > signed by my company and not a recognised security authority?

> I doubt that; the error message should give a better hint if it would be
> the case.  I just checked against a server that has a similar
> certificate as the one described above, and checking links on it worked
> just fine.

> The error is "No route to host" which, since it works in your browser,
> sounds to me like there is a problem either in the link checker proxy
> config (did you set both http_proxy *and* https_proxy? [0]), a firewall
> config somewhere, or DNS config in the box running the link checker.

> [0] http://search.cpan.org/dist/libwww-perl/lib/LWP.pm#ENVIRONMENT


I've added the https_proxy environment variable into Apache's httpd.conf 
and I am still seeing a 500 error.  This time the error message is 
different:

https://<URL>/<URI>/<PAGE>.jsp
What to do: This is a server side problem. Check the URI.
Response status code: 500
Response message: Error from proxy
Line: 306

When I search the error logs in the proxy, I can see what has occurred:

[24/Aug/2006:11:15:23] failure: for host xxx.xxx.xxx.xx trying to HEAD 
https://<URL>/<URI>/<PAGE>.jsp, retrieve-exit-routine reports: proxy 
retrieve failed: The certificate issuer for this server is not recognized 
by Netscape. The security certificate may or may not be valid.  Netscape 
refuses to connect to this server.

Is there a way that I can pass the required certificate (Certificate 
Authority) via the script or the Apache configuration so that this error 
does not occur?

Thanks for your help.

Niko

************************************************************
Opinions contained in this e-mail do not necessarily reflect
the opinions of the Queensland Department of Main Roads,
Queensland Transport or Maritime Safety Queensland, or
endorsed organisations utilising the same infrastructure.
If you have received this electronic mail message in error,
please immediately notify the sender and delete the message
from your computer.
************************************************************
Received on Thursday, 24 August 2006 01:29:05 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 25 April 2012 12:14:22 GMT