Apache SSL Log Incomplete SSL Handshake
- by Raymond Berg
Scenario: We're running some experiments in our classroom around trusted connections and SSL, and I want to demonstrate the SSL handshake request on a man-in-the-middle attack.
I have an Apache server with a self-signed cert. Everything works fine, but the logging seems incomplete, as there is no way to get a list of SSL attempts. Once the client accepts the 'exception', I get normal access log messages for every request. However, I need to know what SSL request caused it to fail. Here are my log directives:
LogLevel warn
ErrorLog logs/ssl_error_log
# the combined is your average custom log
CustomLog logs/ssl_access_log combined
My desire is a list of every SSL handshake attempted. What am I missing that could produce something like the following? (Obviously the exact words aren't needed, but in the ballpark)
0/0/0 00:00:00 - 192.168.1.10 - hijk.lmnop.edu - SSL Mismatch