You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by "Chen, Allen" <al...@digex.com> on 2002/04/11 00:06:08 UTC
Apache 2 mod_ssl problems
Has anyone out there (besides me) had problems getting Apache 2.0.35's
built-in mod_ssl to work? I've tried building on Solaris 7 and 8 with the
same results. I've tried building mod_ssl both shared and staticly; both
fail, but with different reasons, which I will detail below.
### SHARED
When I build a shared mod_ssl, I use the following configure:
./configure --prefix=/local/opt/apache2 \
--enable-usertrack=shared \
--enable-so \
--with-mpm=worker \
--disable-imap \
--enable-cgid \
--enable-ssl=shared \ # shared mod_ssl
--with-ssl=/usr/local/ssl \ # OpenSSL 0.9.6b
--enable-dav=shared \
--enable-dav-fs=shared
It builds and installs fine. When I start it in non-ssl mode, it also
works fine. But when I try "apachectl startssl" I get the following
output:
Syntax error on line 220 of /local/opt/apache2/conf/httpd.conf:
Cannot load /local/opt/apache2/modules/mod_ssl.so into server: ld.so.1:
/local/opt/apache2/bin/httpd: fatal: relocation error: file
/local/opt/apache2/modules/mod_ssl.so: symbol X509_INFO_free: referenced
symbol not found
./apachectl startssl: httpd could not be started
The syntax error it is complaining about is from the stock httpd.conf:
LoadModule ssl_module modules/mod_ssl.so
Running just 'apachectl start' works fine, but, of course, it doesn't serve
SSL.
### STATIC
So since that didn't work, I tried building a staticly-linked mod_ssl
with the following configure:
./configure --prefix=/local/opt/apache2 \
--enable-usertrack=shared \
--enable-so \
--with-mpm=worker \
--disable-imap \
--enable-cgid \
--enable-ssl \ # static
--with-ssl=/usr/local/ssl \
--enable-dav=shared \
--enable-dav-fs=shared
This builds and installs fine. However, when I try to start using
'apachectl startssl' I simply get the following:
Segmentation Fault
./apachectl startssl: httpd could not be started
When I try a plain 'apachectl start' I get the following message in
the error_log:
[error] mod_ssl: Init: Failed to generate temporary 512 bit RSA private
key
I found this message in the mod_ssl FAQ which basically says you can fix it
using SSLRandomKey directives. However, the default ssl.conf already has
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
These directives worked fine on Apache 1.3.x built with mod_ssl 2.8.4
and OpenSSL 0.9.6b on the same servers.
Any ideas or input would be greatly appreciated.
Thanks,
-Allen
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org