i remember, some time in the last several weeks, that someone else had a problem using https and wss but i don't recall the particulars of the solution...

currently i have http/ws working fine so members can use the web interface (original default theme) to access the doors... yesterday i've set up the letsyncrypt stuff and now have working https (for the first time ever) but when i try to access the doors, ftelnet says that it cannot connect to my wss port (11245)... sync is listening on that port but i can't get there for some reason... it is properly forwarded in my firewall/router and my firewall/router does hairpinning properly...

i'm not sure what i'm missing :?

)\/(ark

Always Mount a Scratch Monkey
Do you manage your own servers? If you are not running an IDS/IPS yer doin' it wrong...
... A company is in trouble when it falls into the hands of the accountants. ---
* Origin: (1:3634/12.73)

i remember, some time in the last several weeks, that someone else had a problem using https and wss but i don't recall the particulars of the solution...

currently i have http/ws working fine so members can use the web interface (original default theme) to access the doors... yesterday i've set up the letsyncrypt stuff and now have working https (for the first time ever) but when
i try to access the doors, ftelnet says that it cannot connect to my wss port (11245)... sync is listening on that port but i can't get there for some reason... it is properly forwarded in my firewall/router and my firewall/router
does hairpinning properly...

i'm not sure what i'm missing :?

Did you put WSS on port 11245 or is that a typo meaning 11235? Perhaps check both SBBS services.ini and your routers port forwarding and make sure they match.

2 wrongs don't make a right, but 3 left turns will get you back on the freeway!

---
þ Synchronet þ AlleyCat! BBS - http://alleycat.synchro.net:81
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

On 2019 Feb 20 16:02:56, you wrote to me:

i'm not sure what i'm missing :?

Did you put WSS on port 11245 or is that a typo meaning 11235?

no typo... i have been hosting another sbbs system here so had to move stuff to different ports on my new setup to avoid conflict... i've since turned off those other forwards and only have my new setup fully accessible but i have not changed all the ports back to the originals... the other system is private and for business interfacing experiments anyway...

Perhaps check both SBBS services.ini and your routers port forwarding
and make sure they match.

done that... but i'll look again...

[time passes]

here's the list of ports being forwarded to the new system... i've sorted them in numerical order and noted two slight differences between the two lists... note that i also use only IPv4 so have filtered out the sbbs entries for the IPv6 sockets...

udp,0.0.0.0/0,11,192.168.xxx.208,0,on,!! activeuser server on bbs !! tcp,0.0.0.0/0,18,192.168.xxx.208,0,on,!! messagesend protocol server on bbs !! tcp,0.0.0.0/0,21,192.168.xxx.208,0,on,!! ftp to bbs !! tcp,0.0.0.0/0,22,192.168.xxx.208,0,on,!! SSH server on bbs !! tcp,0.0.0.0/0,23,192.168.xxx.208,0,on,!! telnet to bbs !!
* port 25 goes to perimeter mail filter and then to 192.168.xxx.208 tcp,0.0.0.0/0,79,192.168.xxx.208,0,on,!! finger-tcp on bbs !! udp,0.0.0.0/0,79,192.168.xxx.208,0,on,!! finger-udp on bbs !! tcp,0.0.0.0/0,80,192.168.xxx.208,0,on,!! web server on bbs !! tcp,0.0.0.0/0,110,192.168.xxx.208,0,on,!! pop3 server on bbs !! tcp,0.0.0.0/0,119,192.168.xxx.208,0,on,!! news server on bbs !! tcp,0.0.0.0/0,443,192.168.xxx.208,0,on,!! secure web server on bbs !! tcp,0.0.0.0/0,465,192.168.xxx.208,0,on,!! secure submission server on bbs !! tcp,0.0.0.0/0,513,192.168.xxx.208,0,on,!! rlogin on bbs !! tcp,0.0.0.0/0,587,192.168.xxx.208,0,on,!! SMTP message submission - CRAM-MD5 on bbs !!
tcp,0.0.0.0/0,843,192.168.xxx.208,0,on,!! flashpolicy server on bbs !! tcp,0.0.0.0/0,995,192.168.xxx.208,0,on,!! secure pop3 server on bbs !! tcp,0.0.0.0/0,1124,192.168.xxx.208,0,on,!! websockets server on bbs !! tcp,0.0.0.0/0,6667,192.168.xxx.208,0,on,!! IRC server on bbs !! tcp,0.0.0.0/0,11245,192.168.xxx.208,0,on,!! secure websockets server on bbs !! tcp,0.0.0.0/0,24554,192.168.xxx.208,0,on,!! binkd on bbs !!

Feb 20 16:56:11 sestar sbbs: srvc ActiveUser-UDP listening on socket 0.0.0.0 port 11
Feb 20 16:56:11 sestar sbbs: srvc MSP listening on socket 0.0.0.0 port 18
Feb 20 16:56:11 sestar sbbs: ftp FTP Server listening on socket 0.0.0.0 port 21
Feb 20 16:56:11 sestar sbbs: term SSH Server listening on socket 0.0.0.0 port 22
Feb 20 16:56:11 sestar sbbs: term Telnet Server listening on socket 0.0.0.0 port 23
Feb 20 16:56:11 sestar sbbs: mail SMTP Transfer Agent listening on socket 0.0.0.0 port 25
Feb 20 16:56:11 sestar sbbs: srvc Finger listening on socket 0.0.0.0 port 79 Feb 20 16:56:11 sestar sbbs: srvc Finger-UDP listening on socket 0.0.0.0 port 79
Feb 20 16:56:11 sestar sbbs: web Web Server listening on socket 0.0.0.0 port 80
Feb 20 16:56:11 sestar sbbs: mail POP3 Server listening on socket 0.0.0.0 port 110
Feb 20 16:56:11 sestar sbbs: srvc NNTP listening on socket 0.0.0.0 port 119
Feb 20 16:56:11 sestar sbbs: web Secure Web Server listening on socket 0.0.0.0 port 443
Feb 20 16:56:11 sestar sbbs: mail SMTPS Submission Agent listening on socket 0.0.0.0 port 465
Feb 20 16:56:11 sestar sbbs: term RLogin Server listening on socket 0.0.0.0 port 513
Feb 20 16:56:11 sestar sbbs: mail SMTP Submission Agent listening on socket 0.0.0.0 port 587
Feb 20 16:56:11 sestar sbbs: srvc FlashPolicy listening on socket 0.0.0.0 port 843
Feb 20 16:56:11 sestar sbbs: mail POP3S Server listening on socket 0.0.0.0 port 995
Feb 20 16:56:11 sestar sbbs: srvc WS listening on socket 0.0.0.0 port 1124
* IRCd is being run manually in a separate task on 192.168.xxx.208
Feb 20 16:56:11 sestar sbbs: srvc WSS listening on socket 0.0.0.0 port 11245 Feb 20 16:56:11 sestar sbbs: srvc BINKP listening on socket 0.0.0.0 port 24554

everything matches as far as the ports being forwarded and which machine they go to...
i've also sort checked to make sure the firewall doesn't have more than one entry for a forwarded port... there are none...

the ftelnet code seems to properly grab the proper port for WS (1124) and WSS (11245) since it does report that it cannot connect to 11245...

)\/(ark

Always Mount a Scratch Monkey
Do you manage your own servers? If you are not running an IDS/IPS yer doin' it wrong...
... Have youe ever left a bingo game in handcuffs?
---
* Origin: (1:3634/12.73)

Re: https to wss
By: mark lewis to all on Wed Feb 20 2019 09:23 am

i remember, some time in the last several weeks, that someone else had a problem using https and wss but i don't recall the particulars of the solution...

currently i have http/ws working fine so members can use the web interface (original default theme) to access the doors... yesterday i've set up the letsyncrypt stuff and now have working https (for the first time ever) but when
i try to access the doors, ftelnet says that it cannot connect to my wss port (11245)... sync is listening on that port but i can't get there for some reason... it is properly forwarded in my firewall/router and my firewall/router
does hairpinning properly...

i'm not sure what i'm missing :?

By default it tries to connect to localhost. If you want to use a different interface, specify the IP or hostname on the command-line(s) in services.ini: [WSS]
Port=11235
Options=NO_HOST_LOOKUP|TLS
Command=websocketservice.js synchro.net

digital man

Synchronet/BBS Terminology Definition #52:
POP3 = Post Office Protocol version 3
Norco, CA WX: 48.6øF, 62.0% humidity, 2 mph SE wind, 0.00 inches rain/24hrs
--- SBBSecho 3.06-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

On 2019 Feb 20 15:18:10, you wrote to me:

i'm not sure what i'm missing :?

By default it tries to connect to localhost.

thanks, rob... from what i can see, using netcat on the sestar command line, connections to port 11245 work just fine to/from localhost over both IPv4 and IPv6... at least i can connect and see that connection in the logs... after that i just CTRL-C 'cause there's nothing else i can do at that point ;)

i'm kinda wondering, now, if i should somehow disable IPv6 in sbbs to eliminate that maybe there's some sort of IPv4->IPv6 attempt going on? i don't use IPv6 at all even though it is operational... my router/firewall can't do IPv6 so it is blocked at the perimeter in both directions...

If you want to use a different interface, specify the IP or hostname
on the command-line(s) in services.ini:
[WSS] Port=11235
Options=NO_HOST_LOOKUP|TLS
Command=websocket service.js synchro.net

yeah, localhost is fine by me... i think it actually looks up as localhost.localdomain and that mainly because i haven't been in and edited the hosts file...


;WebSocket service (for fTelnet loaded via http://).
;For troubleshooting, please see https://www.ftelnet.ca/synchronet/
[WS]
Enabled=true
Port=1124
Options=
Command=websocketservice.js

;WebSocket Secure service (for fTelnet loaded via https://).
;For troubleshooting, please see https://www.ftelnet.ca/synchronet/
[WSS]
Enabled=true
Port=11245
Options=TLS
Command=websocketservice.js


unfortunately those links above are broken but i found this on https://www.ftelnet.ca/download/ ... is the #1 statement still true or is the note out of date?

----- snip -----

If you can't/don't want to run fTelnetProxy, then there are two other options. I don't regularly test with these other proxies though, so I make no guarantee that I won't break things for them in the future (I won't intentionally do it, but I may unintentionally do it and not realize because I don't have the time to test with all three on a regular basis)

1. If you run Synchronet, you can try websocketservice.js. NOTE: This does not support secure wss:// connections at this time

2. If you run Linux, you can try websockify. NOTE: This does not support some older browsers/devices, for example the original iPad

----- snip -----


)\/(ark

Always Mount a Scratch Monkey
Do you manage your own servers? If you are not running an IDS/IPS yer doin' it wrong...
... My other starship is a GE Dash-8 32 BWH locomotive.
---
* Origin: (1:3634/12.73)

On 2019 Feb 20 15:18:10, you wrote to me:

connections to port 11245 work just fine to/from localhost over both IPv4

^^^^^

If you want to use a different interface, specify the IP or hostname
on the command-line(s) in services.ini:
[WSS] Port=11235

^^^^^

Options=NO_HOST_LOOKUP|TLS
Command=websocket service.js synchro.net

You keep saying 11245 is that intentional? the actual default wss port is 11235
2 wrongs don't make a right, but 3 left turns will get you back on the freeway!

---
þ Synchronet þ AlleyCat! BBS - http://alleycat.synchro.net:81
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

Re: https to wss
By: mark lewis to Digital Man on Wed Feb 20 2019 06:49 pm

On 2019 Feb 20 15:18:10, you wrote to me:

i'm not sure what i'm missing :?

By default it tries to connect to localhost.

thanks, rob... from what i can see, using netcat on the sestar command

line,

connections to port 11245 work just fine to/from localhost over both IPv4 and IPv6... at least i can connect and see that connection in the logs... after that i just CTRL-C 'cause there's nothing else i can do at that

point

;)

i'm kinda wondering, now, if i should somehow disable IPv6 in sbbs to eliminate
that maybe there's some sort of IPv4->IPv6 attempt going on? i don't use IPv6 at all even though it is operational... my router/firewall can't do IPv6 so it is blocked at the perimeter in both directions...

What is/are the exact error message(s) being displayed and logged when the connection attempt fails?

unfortunately those links above are broken but i found this on https://www.ftelnet.ca/download/ ... is the #1 statement still true or is the note out of date?

----- snip -----

If you can't/don't want to run fTelnetProxy, then there are two other options. I don't regularly test with these other proxies though, so I make no guarantee that I won't break things for them in the future (I won't intentionally do it, but I may unintentionally do it and not realize because I don't have the time to test with all three on a regular basis)

1. If you run Synchronet, you can try websocketservice.js. NOTE: This does not support secure wss:// connections at this time

websocketservice.js supports WSS now.

digital man

This Is Spinal Tap quote #2:
Nigel Tufnel: Well, this piece is called "Lick My Love Pump".
Norco, CA WX: 48.9øF, 65.0% humidity, 5 mph E wind, 0.00 inches rain/24hrs
--- SBBSecho 3.06-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

Re: https to wss
By: mark lewis to all on Wed Feb 20 2019 09:23 am

By default it tries to connect to localhost. If you want to use a different interface, specify the IP or hostname on the command-line(s) in services.ini: [WSS]
Port=11235
Options=NO_HOST_LOOKUP|TLS
Command=websocketservice.js synchro.net

digital man

Interesting, so if I have, say, 3 systems each running an instance of Synchronet I could point 2 of them to the one that I want my DOORS to run on? ie:

[WSS]
Port=11235
options=NO_HOST_LOOKUP|TLS
Command=websocketservice.js alleycat.synchro.net

[WS]
Port=1235
options=NO_HOST_LOOKUP
Command=websocketservice.js alleycat.synchro.net


2 wrongs don't make a right, but 3 left turns will get you back on the freeway!

---
þ Synchronet þ AlleyCat! BBS - http://alleycat.synchro.net:81
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

Re: Re: https to wss
By: Mortifis to Digital Man on Wed Feb 20 2019 08:53 pm

Re: https to wss
By: mark lewis to all on Wed Feb 20 2019 09:23 am

By default it tries to connect to localhost. If you want to use a different interface, specify the IP or hostname on the command-line(s)

in

services.ini: [WSS]
Port=11235
Options=NO_HOST_LOOKUP|TLS
Command=websocketservice.js synchro.net

digital man

Interesting, so if I have, say, 3 systems each running an instance of Synchronet I could point 2 of them to the one that I want my DOORS to run on? ie:

[WSS]
Port=11235
options=NO_HOST_LOOKUP|TLS
Command=websocketservice.js alleycat.synchro.net

[WS]
Port=1235
options=NO_HOST_LOOKUP
Command=websocketservice.js alleycat.synchro.net

If they're all sharing the same userbase.

digital man

Synchronet "Real Fact" #38:
Synchronet first supported Windows NT-based operating systems w/v3.00b (2000). Norco, CA WX: 47.8øF, 72.0% humidity, 0 mph SW wind, 0.00 inches rain/24hrs
--- SBBSecho 3.06-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

Re: Re: https to wss
By: Mortifis to Digital Man on Wed Feb 20 2019 08:53 pm

Re: https to wss
By: mark lewis to all on Wed Feb 20 2019 09:23 am

By default it tries to connect to localhost. If you want to use a different interface, specify the IP or hostname on the

command-line(s)

in services.ini: [WSS]
Port=11235
Options=NO_HOST_LOOKUP|TLS
Command=websocketservice.js synchro.net

digital man

Interesting, so if I have, say, 3 systems each running an instance of Synchronet I could point 2 of them to the one that I want my DOORS to

run

on? ie:

[WSS]
Port=11235
options=NO_HOST_LOOKUP|TLS
Command=websocketservice.js alleycat.synchro.net

[WS]
Port=1235
options=NO_HOST_LOOKUP
Command=websocketservice.js alleycat.synchro.net

If they're all sharing the same userbase.

digital man

It's been 20+ years since I did that, one system is Linux, one is win7 and another is win10 ... I suppose if I have the 2 windows on the same workgroup and set the /sbbs/data/user on primary windows that has the user base I want and doors as a shared folder and setup Samaba on the Linuxbox and set SCFG user
base to the winblows7? or be lazy and duplcate the user base on all systems ... something to ponder TY
2 wrongs don't make a right, but 3 left turns will get you back on the freeway!

---
þ Synchronet þ AlleyCat! BBS - http://alleycat.synchro.net:81
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

Re: Re: https to wss
By: Mortifis to Digital Man on Wed Feb 20 2019 11:01 pm

If they're all sharing the same userbase.

It's been 20+ years since I did that, one system is Linux, one is win7 and another is win10 ... I suppose if I have the 2 windows on the same

workgroup

and set the /sbbs/data/user on primary windows that has the user base I

want

and doors as a shared folder and setup Samaba on the Linuxbox and set SCFG user base to the winblows7? or be lazy and duplcate the user base on all systems ...

Normally, if you're going to share the userbase among multiple instances of Synchronet, then you would share all the other data and configuration files as well. That's how vert/bbs/cvs.synchro.net is run.

digital man

Synchronet "Real Fact" #41:
Synchronet's cross-platform library is called XPDEV (named before Windows XP). Norco, CA WX: 46.5øF, 74.0% humidity, 0 mph S wind, 0.00 inches rain/24hrs
--- SBBSecho 3.06-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

On 2019 Feb 20 20:22:22, you wrote to me:

You keep saying 11245 is that intentional? the actual default wss port is 11235

yes, it is intentional and upheld by my other posting with my ini and firewall/router port forwarding settings...

)\/(ark

Always Mount a Scratch Monkey
Do you manage your own servers? If you are not running an IDS/IPS yer doin' it wrong...
... I AM THE ONLY SOURCE OF THE TRUTH!
---
* Origin: (1:3634/12.73)

On 2019 Feb 20 16:46:04, you wrote to me:

i'm kinda wondering, now, if i should somehow disable IPv6 in sbbs to
eliminate that maybe there's some sort of IPv4->IPv6 attempt going on?
i don't use IPv6 at all even though it is operational... my
router/firewall can't do IPv6 so it is blocked at the perimeter in
both directions...

What is/are the exact error message(s) being displayed and logged when
the connection attempt fails?

i was getting this...

Feb 21 10:19:10 sestar sbbs: web 0058 HTTPS connection accepted from: 192.168.42.1 port 49785
Feb 21 10:19:10 sestar sbbs: web 0058 TLS ERROR 'Bad argument, parameter 3' (-3) setting private key
Feb 21 10:19:10 sestar sbbs: web 0058 TLS ERROR 'Data has not been initialised' (-11) setting session active

and i was getting that just now when trying to access my https side... apparently i screwed something up in my letsyncrypt.ini file when i edited it to make it look more like what the wiki appeared to say the file should look like...

i've just deleted my letsyncrypt.key and reduced my letsyncrypt.ini back to a single line agreeing to the TOS... then i triggerd the SYNCRYPT event which rewrote the ini file and pulled in the key again... now everything appears to be working and i'm able to connect to my doors via WS and WSS... "web telnet" from the main web index also works for WS and WSS... weird...

1. If you run Synchronet, you can try websocketservice.js. NOTE: This
does not support secure wss:// connections at this time

websocketservice.js supports WSS now.

i thought it did... thanks for the confirmation :)

)\/(ark

Always Mount a Scratch Monkey
Do you manage your own servers? If you are not running an IDS/IPS yer doin' it wrong...
... Ned Ludd had it RIGHT!!! - Get me a Hammer.
---
* Origin: (1:3634/12.73)

On 2019 Feb 21 10:16:26, I wrote to you:

What is/are the exact error message(s) being displayed and logged when
the connection attempt fails?

i was getting this...

Feb 21 10:19:10 sestar sbbs: web 0058 HTTPS connection accepted from: 192.168.42.1 port 49785
Feb 21 10:19:10 sestar sbbs: web 0058 TLS ERROR 'Bad argument,
parameter 3' (-3) setting private key
Feb 21 10:19:10 sestar sbbs: web 0058 TLS ERROR 'Data has not been initialised' (-11) setting session active

now i'm getting the above again... this after several working accesses... then suddenly firefox is saying it can't validate the returned data (i think) and the above error lines are being logged...

touch /sbbs/ctrl/recycle.web

gets it going again... no clue, yet, what is causing the failure :(

)\/(ark

Always Mount a Scratch Monkey
Do you manage your own servers? If you are not running an IDS/IPS yer doin' it wrong...
... Supermarket sign: "Ten items or fewer for pedants".
---
* Origin: (1:3634/12.73)

On 2019 Feb 21 11:55:18, I wrote to you:

now i'm getting the above again... this after several working accesses... then suddenly firefox is saying it can't validate the returned data (i think) and the above error lines are being logged...

here's more log info of the last two sessions before the failures start again...

Feb 21 11:58:48 sestar sbbs: web 0063 HTTPS connection accepted from: 216.218.206.68 port 32776
Feb 21 11:58:49 sestar sbbs: web 0063 TLS info 'No encryption mechanism compatible with the remote system could be found' (-20) setting session active Feb 21 12:00:44 sestar sbbs: web 0063 HTTP connection accepted from: 222.76.126.41 port 27226
Feb 21 12:00:44 sestar sbbs: web 0063 HTTP connection accepted from: 222.76.126.41 port 27289
Feb 21 12:00:44 sestar sbbs: web 0063 Request: PROPFIND / HTTP/1.1
Feb 21 12:00:44 sestar sbbs: web 0063 !ERROR: 501 Not Implemented (line 2989) Feb 21 12:00:44 sestar sbbs: web 0063 !ERROR: 400 Bad Request (line 3160)
Feb 21 12:00:44 sestar sbbs: web 0063 Connection reset by peer on send
Feb 21 12:00:45 sestar sbbs: web 0063 Session thread terminated (1 clients, 5 threads remain, 277 served)
Feb 21 12:00:45 sestar sbbs: web 0063 Session thread terminated (0 clients, 3 threads remain, 277 served)
Feb 21 12:07:39 sestar sbbs: web 0065 HTTP connection accepted from: 82.202.69.245 port 43641
Feb 21 12:07:39 sestar sbbs: web 0065 Request: GET / HTTP/1.1
Feb 21 12:07:39 sestar sbbs: web 0065 Sending file: /sbbs/temp/SBBS_SSJS.19100.65.html (0 bytes)
Feb 21 12:07:40 sestar sbbs: web 0065 Session thread terminated (0 clients, 3 threads remain, 278 served)
Feb 21 12:30:32 sestar sbbs: web 0058 HTTPS connection accepted from: 192.168.42.1 port 58479
Feb 21 12:30:32 sestar sbbs: web 0065 HTTPS connection accepted from: 192.168.42.1 port 58480
Feb 21 12:30:32 sestar sbbs: web 0068 HTTPS connection accepted from: 192.168.42.1 port 58481
Feb 21 12:30:32 sestar sbbs: web 0069 HTTPS connection accepted from: 192.168.42.1 port 58482
Feb 21 12:30:32 sestar sbbs: web 0070 HTTPS connection accepted from: 192.168.42.1 port 58483
Feb 21 12:30:32 sestar sbbs: web 0071 HTTPS connection accepted from: 192.168.42.1 port 58484
Feb 21 12:30:32 sestar sbbs: web 0071 TLS ERROR 'Bad argument, parameter 3' (-3) setting private key
Feb 21 12:30:32 sestar sbbs: web 0071 TLS ERROR 'Data has not been initialised' (-11) setting session active
Feb 21 12:30:32 sestar sbbs: web 0069 TLS ERROR 'Bad argument, parameter 3' (-3) setting private key
Feb 21 12:30:32 sestar sbbs: web 0069 TLS ERROR 'Data has not been initialised' (-11) setting session active
Feb 21 12:30:32 sestar sbbs: web 0070 TLS ERROR 'Bad argument, parameter 3' (-3) setting private key
Feb 21 12:30:32 sestar sbbs: web 0070 TLS ERROR 'Data has not been initialised' (-11) setting session active
Feb 21 12:30:32 sestar sbbs: web 0069 HTTPS connection accepted from: 192.168.42.1 port 58485
Feb 21 12:30:32 sestar sbbs: web 0069 TLS ERROR 'Bad argument, parameter 3' (-3) setting private key
Feb 21 12:30:32 sestar sbbs: web 0069 TLS ERROR 'Data has not been initialised' (-11) setting session active
Feb 21 12:30:33 sestar sbbs: web 0058 TLS note 'Internal consistency check failed' (-16) setting session active
Feb 21 12:30:33 sestar sbbs: web 0068 TLS note 'Internal consistency check failed' (-16) setting session active
Feb 21 12:30:33 sestar sbbs: web 0065 TLS note 'Internal consistency check failed' (-16) setting session active

as before touching recycle.web restarts the service and we're working again for a little while... i'm trying to capture more logging data leading up to the problem... should i turn on debug logging for the web server?

)\/(ark

Always Mount a Scratch Monkey
Do you manage your own servers? If you are not running an IDS/IPS yer doin' it wrong...
... Starting a new era in tagline lunacy!
---
* Origin: (1:3634/12.73)