Apache and mod_ssl

Apache and mod_ssl

am 04.09.2007 21:05:26 von Aaron Smith

This is a multi-part message in MIME format.

------_=_NextPart_001_01C7EF26.8DFE18E1
Content-Type: text/plain;
charset="US-ASCII"
Content-Transfer-Encoding: quoted-printable

I have a feeling that I'm missing something
elementary here. I have an install of apache 2.0.55 with mod_ssl
enabled on a HP-UX system in /opt/apache2. This one runs fine. I
recompiled another copy of apache (same version) into /opt/apache2a (for
testing purposes) to add mod_ldap support and that one worked as well.
Then I tried recreating apache2a in apache2 by doing a recompile using a
prefix of apache2 and then doing an install after backing everything up
and moving the old apache install out of the way. However, this one
DOESN'T work. If I launch it WITHOUT SSL turned on (i.e, no SSLEngine
on) directive, everything works great. But as soon as I turn on SSL in
a VirtualHost, then strange things happen. A client will connect to the
test port via SSL, the SSL negotiation appears to work just fine (tested
using openssl s_client), but when you attempt to do a GET, the request
is sent, but a reply never shows up. Nothing appears in the access_log,
and child processes begin to spawn with each request. I can pull up the
server-status url and everytime I hit refresh, one child process goes to
"W" and another one is spawned. Clicking repeatedly will continue this
process until there are a ton of processes, all stuck at "Waiting" with
0/0/0 under the Acc columntDo it enough, the server's load average
starts to climb.

I've checked and double checked every permission I can
possible find. The User and Group directives are both set to "webadmin"
which is the same in all configurations. The permissions of the
sub-directories in both directories match between the two. I have this
feeling that it's simple with the directory permissions and/or structure
but I just can't seem to locate it. Anyone have any ideas on what else
I might need to look at?

=20

Aaron

=20

=20

------------------------------------------------------------ --------

Aaron Smith Aaron.Smith@kzoo.edu

System Administrator (269) 337-7496

Kalamazoo College

=20

=20


------_=_NextPart_001_01C7EF26.8DFE18E1
Content-Type: text/html;
charset="US-ASCII"
Content-Transfer-Encoding: quoted-printable

xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:st1=3D"urn:schemas-microsoft-com:office:smarttags" =
xmlns=3D"http://www.w3.org/TR/REC-html40">


charset=3Dus-ascii">

namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags"
name=3D"PlaceType"/>
namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags"
name=3D"PlaceName"/>
namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags"
name=3D"place"/>
namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags"
name=3D"PersonName"/>









style=3D'font-size:10.0pt;
font-family:Arial'>         =
            
I have a feeling that I’m missing something elementary here. =
 I have
an install of apache 2.0.55 with mod_ssl enabled on a HP-UX system in
/opt/apache2.   This one runs fine.  I recompiled another =
copy
of apache (same version) into /opt/apache2a (for testing purposes) to =
add
mod_ldap support and that one worked as well.  Then I tried =
recreating
apache2a in apache2 by doing a recompile using a prefix of apache2 and =
then
doing an install after backing everything up and moving the old apache =
install out
of the way.  However, this one DOESN’T work.  If I =
launch it
WITHOUT SSL turned on (i.e, no SSLEngine on) directive, everything works =
great.
 But as soon as I turn on SSL in a VirtualHost, then strange things
happen.  A client will connect to the test port via SSL, the SSL
negotiation appears to work just fine (tested using openssl s_client), =
but when
you attempt to do a GET, the request is sent, but a reply never shows =
up.
 Nothing appears in the access_log, and child processes begin to =
spawn with
each request.  I can pull up the server-status url and everytime I =
hit
refresh, one child process goes to “W” and another one is =
spawned.
 Clicking repeatedly will continue this process until there are a =
ton of
processes, all stuck at “Waiting” with 0/0/0 under the Acc
columntDo it enough, the server’s load average starts to =
climb.



style=3D'font-size:10.0pt;
font-family:Arial'>         =
  
I’ve checked and double checked every permission I can possible =
find.
 The User and Group directives are both set to =
“webadmin”
which is the same in all configurations. The permissions of the =
sub-directories
in both directories match between the two.  I have this feeling =
that
it’s simple with the directory permissions and/or structure but I =
just
can’t seem to locate it.  Anyone have any ideas on what else =
I might
need to look at?



style=3D'font-size:10.0pt;
font-family:Arial'> 



style=3D'font-size:10.0pt;
font-family:Arial'>Aaron



style=3D'font-size:10.0pt;
font-family:Arial'> 



style=3D'font-size:10.0pt;
font-family:Arial'> 



style=3D'font-size:10.0pt;
font-family:Arial'>----------------------------------------- -------------=
--------------



face=3DArial> style=3D'font-size:10.0pt;font-family:Arial'>Aaron =
Smith size=3D2 face=3DArial> style=3D'font-size:10.0pt;font-family:Arial'>    &nbs=
p;          
href=3D"mailto:Aaron.Smith@kzoo.edu">Aaron.Smith@kzoo.edu t>



style=3D'font-size:10.0pt;
font-family:Arial'>System Administrator   (269) =
337-7496



w:st=3D"on"> face=3DArial> style=3D'font-size:10.0pt;font-family:Arial'>Kalamazoo :PlaceName> size=3D2 face=3DArial> style=3D'font-size:10.0pt;font-family:Arial'> =
w:st=3D"on">College<=
/p>

style=3D'font-size:
12.0pt'> 



style=3D'font-size:
12.0pt'> 









------_=_NextPart_001_01C7EF26.8DFE18E1--
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org