RE: Apache and mod_ssl (extra info)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

It's compiled against OpenSSL 0.9.7e, there are indeed /dev/random and
/dev/urandom, but I don't think that's the problem because I have
another copy of apache compiled from the same source code, linked to the
same OpenSSL libraries (ldd confirms this) running on the SAME system
that works just fine.

One difference I've noticed between the two of them is in the apache/lib
directory.  The broken installation has libraries for libapr whereas the
working one has those same libraries PLUS libraries for libaprutil and
libexpat.  Don't know if that triggers any bells for anyone.


-----Original Message-----
From: Graeme Fowler [mailto:graeme@xxxxxxxxxxx] 
Sent: Tuesday, September 04, 2007 5:25 PM
To: users@xxxxxxxxxxxxxxxx
Subject: Re:  Apache and mod_ssl (extra info)

On Tue, 2007-09-04 at 16:30 -0400, Aaron Smith wrote:
> Connecting via https to port 8045 shows the behavior of child
> processing hanging in a waiting state.

Sounds like your system isn't generating enough entropy to me, which can
affect SSL/TLS connections on lots of protocols. I have no experience of
HP/UX though, so suggestions are limited...

Which SSL libraries are you compiling mod_ssl against? OpenSSL, or some
HP ones? Do you have /dev/random and /dev/urandom?

If you do "cat /dev/random" and "cat /dev/urandom", what comes back?
It'll be garbage, but do the rates differ significantly?

When you start up this new Apache instance, what does it log in the
error log?

Graeme


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux