> Dear Apache enthusiasts ... > > My application is a very simple https-only apache (2.4.43) server with > mod_ssl (openssl 1.1.1g) in Linux (crux distribution 3.5). [...] > ./configure --enable-layout=CRUX \ > --with-apr=/usr \ > --with-apr-util=/usr \ > --with-pcre=/usr \ > --enable-so \ > --enable-modules=all \ > --enable-mods-shared=all \ > --enable-mpms-shared=all [...] > ================== (d) > ./config --prefix=/usr \ > --libdir=lib \ > --openssldir=/etc/ssl \ > shared \ > enable-ec_nistp_64_gcc_128 > ================== -the end- It appears that you're trying to use a custom openssl installation to build your httpd, but at a casual glance, I haven't seen anything that would actually make your httpd use that openssl installation. Make sure that only the correct openssl headers are included during the build, and that the LD_LIBRARY_PATH, LD_RUN_PATH or preferrably DT_RUNPATH or DT_RPATH are set so that the matching libraries are loaded and used (typically using -Wl,-R,/<path>). Also, make sure that no other modules or libraries are - possibly indirectly - linked against other versions of openssl and load those during runtime. Use ldd against all binaries involved to make sure. If you want to dig deeper, I'd recommend re-compiling with debug infos (-g), running with mpm_prefork for simplicity, attaching one httpd process that's stuck in the ssl handshake and getting a full backtrace (bt full). rainer --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|