Can Mozilla or Firefox produce SSL debug log?

Discuss how to use and promote Web standards with the Mozilla Gecko engine.
Post Reply
Altern
Posts: 29
Joined: May 13th, 2003, 12:22 pm
Location: Suonenjoki, Finland

Can Mozilla or Firefox produce SSL debug log?

Post by Altern »

I have recently spent some time trying to solve some SSL and TLS problems a certain intranet web application has. The only remaining (known :) ) problem is that if the network.http.max-persistent-connections-per-server pref is set to value greater than one, I often get "bad record MAC" errors when connecting to the server after restarting the browser.

Now, since the server in question is somewhat custom, the working hypothesis is that problem is in the server. However, it would help with debugging if I could get a log from Mozilla's "point of view". I know Mozilla Nightly Builds have HTTP logging facilities. However, though they are detailed when it comes to transport layer, they never have any mention of SSL.

Is there some additional option in NSPR_LOG_MODULES in addition to nsHttp, nsSocketTransport and nsHostResolver? Or is there some other way to get Mozilla to log SSL events? Any other ideas on how to go about solving this problem?
User avatar
jqp
Posts: 5070
Joined: November 17th, 2004, 10:56 am
Location: In a box
Contact:

Post by jqp »

All this is a little over my head, but would charles be able to help?
Would the Live HTTP Headers extension be able to help?
Altern
Posts: 29
Joined: May 13th, 2003, 12:22 pm
Location: Suonenjoki, Finland

Post by Altern »

It seems that Charles may help, I'll have to try that. Thanks for the suggestion.

It is possible though that Charles slightly alters the process and that the problem won't get reproduced. For example, SSLTap didn't work here: the problem has to do with multiple connections and SSLTap can only handle one connection at a time.

Though Live HTTP Headers is generally very useful, unfortunately it's usefulness doesn't extend here since the HTTP layer seems to be working perfectly.
Altern
Posts: 29
Joined: May 13th, 2003, 12:22 pm
Location: Suonenjoki, Finland

Post by Altern »

I tried Charles and unfortunately couldn't reproduce the problem while proxying through it. Another often useful tool that doesn't help here :(
Post Reply