I am trying to use ssl access to the server(port 443) and also use mod_dbd and mod_session_dbd for session management. I have tried this on apache version 2.4.4, the latest of the trunk, and also the 2.4.6 tag I found in svn, all are not woking.
With the following set in the http.conf file the server starts once in about 50 goes. When the server starts it works as desired:
Listen 443
DBDriver mysql
DBDParams "host=172.31.252.44,dbname=apachesession,user=admin,pass=uscl99"
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /opt/certs/sitename.crt
SSLCertificateKeyFile /opt/certs/sitekey.key
</VirtualHost>
I have tired all manners of config, I simply stripped my http.conf down to the above to figure out exactly what is causing the issue. I found that if I remove the "DBDrvier mysql" line, the server would start using https. Conversely, I found that if I turned off SSL, my database configuration with session management would work as expected. But when I put both together the server rarely starts.
I discovered that apache was creating a core dump upon start up. It looks like when it is reading the self signed SSL certs I created it is crashing. The last few lines of a gdb trace on the dump file is:
Loaded symbols for /opt/apache/modules/mod_alias.so
Reading symbols from /opt/apache/lib/apr-util-1/apr_ldap-1.so...done.
Loaded symbols for /opt/apache/lib/apr-util-1/apr_ldap-1.so
Core was generated by `/opt/apache/bin/httpd -k start'.
Program terminated with signal 11, Segmentation fault.
Also the backtrace from the core dump file is:
#0 0x002041d0 in ?? ()
#1 0x0663d235 in ?? () from /usr/lib/libcrypto.so.10
#2 0x0663cbd4 in CRYPTO_free_ex_data () from /usr/lib/libcrypto.so.10
#3 0x066b9127 in ?? () from /usr/lib/libcrypto.so.10
#4 0x066be41c in ?? () from /usr/lib/libcrypto.so.10
#5 0x066be649 in ASN1_item_free () from /usr/lib/libcrypto.so.10
#6 0x066b92d8 in X509_free () from /usr/lib/libcrypto.so.10
#7 0x0024cc71 in ssl_pphrase_Handle (s=0x9feaea8, p=0x9ff29d0) at ssl_engine_pphrase.c:275
#8 0x00240e42 in ssl_init_Module (p=0x9fc60a8, plog=0x9fec9b8, ptemp=0x9ff29d0, base_server=0x9feaea8) at ssl_engine_init.c:368
#9 0x080871d2 in ap_run_post_config (pconf=0x9fc60a8, plog=0x9fec9b8, ptemp=0x9ff29d0, s=0x9feaea8) at config.c:105
#10 0x08069411 in main (argc=3, argv=0xbfc75334) at main.c:765
A snippet of the end of the error_log is as follows:
[Tue Jul 16 17:56:08.924919 2013] [ldap:info] [pid 2185:tid 3079191200] AH01318: APR LDAP: Built with OpenLDAP LDAP SDK
[Tue Jul 16 17:56:08.925077 2013] [ldap:info] [pid 2185:tid 3079191200] AH01319: LDAP: SSL support available
[Tue Jul 16 17:56:08.925292 2013] [ssl:trace2] [pid 2185:tid 3079191200] ssl_engine_rand.c(124): Init: Seeding PRNG with 136 bytes of entropy
[Tue Jul 16 17:56:08.925348 2013] [ssl:debug] [pid 2185:tid 3079191200] ssl_engine_pphrase.c(181): AH02199: SSL not enabled on vhost
test.example.com:80, skipping SSL setup
[Tue Jul 16 17:56:08.925405 2013] [ssl:info] [pid 2185:tid 3079191200] AH02200: Loading certificate & private key of SSL-aware server '
test.example.com:443'
[Tue Jul 16 17:56:08.925924 2013] [ssl:debug] [pid 2185:tid 3079191200] ssl_engine_pphrase.c(239): AH02202: Init: Read server certificate from '/opt/certs/
sitename.cr
I built my server from source using the following configure command:
./configure --with-mysql --prefix=/opt/apache --enable-mods-shared=all --enable-ldap --enable-authnz-ldap --enable-ssl --with-included-apr --with-ldap --enable-proxy=shared
Given that the server does actually work as expected when it does start I am at a loss.
Reading the guidelines it said to ask here before raising a bug.
Any help would be appreciated.
Thanks
Hugh Livingstone
