Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'I had the same problem' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
I had the same problem
Authored by: Gwyrrdin on Apr 06, '03 09:00:39AM
Every call to mod_ssl caused apache to crash (the child process that is). The technique described works...One note however...the file you need to replace is called: libssl.so

My https is working like a charm again:)

[ Reply to This | # ]
problem showed up in SSLOptions
Authored by: kcunning on Apr 10, '03 09:58:09AM

Thanks! It was helpful to get the workaround, and now my site is back up. Whew!

In of my own attempts to figure out what was happening, I found that the real inaccessibility arose only when I had the +StdEnvVars or +CompatEnvVars options set in SSLOptions (I used these to be able to access user certificate data). That may be why some folks' SSL works and others don't after the update: perhaps it's only when you try to enable environmental variables that problems arise? (There may have been other, more subtle failures without SSLOptions, but it definitely sputtered out when EnvVars were involved.)

Does this bear true in your own cases?



[ Reply to This | # ]
problem showed up in SSLOptions
Authored by: foniks2020 on Apr 10, '03 06:39:58PM

I'm not familiar with SSLOptions so i don't really know what they do or don't do...

I'm glad you brought this up though as it appears that most of the people who are having this problem have set up their SSL from the Apple supplied KB article which if you copy and paste has these SSLOptions turned on (still not sure why).



[ Reply to This | # ]
problem showed up in SSLOptions
Authored by: foniks2020 on Apr 10, '03 06:51:17PM

Commenting out the lines referring to +StdEnvVars does indeed allow the new libssl.so binary to work.

So as a final update: if you don't need +StdEnvVars as an SSLOption then you should be able to simply comment or delete that part of you httpd.conf to get the new libssl.so from Apple to play nicely with Apache.

Following is the section i commented out... the Files and Directory 'directives'.


# <Files ~ "\.(cgi|shtml|phtml|php3?)$">
# SSLOptions +StdEnvVars
# </Files>

# <Directory "/xxx/xxx/xxx/cgi-bin/>
# SSLOptions +StdEnvVars
# </Directory>

# correction for browsers that don't always handle SSL connections well
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# Per-Server Logging:
# The home of a custom SSL log file. Use this when you want a
# compact non-error SSL logfile on a virtual host basis.
CustomLog /var/log/httpd/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"


RewriteEngine on
RewriteRule ^/(.*)-SSL$ https://%{SERVER_NAME}/$1 [R,L]
RewriteRule ^/(.*)-NOSSL$ http://%{SERVER_NAME}/$1 [R,L]



[ Reply to This | # ]
problem showed up in SSLOptions
Authored by: Anonymous on Jun 23, '03 04:12:20PM

Yup. I just upgraded a machine to 10.2. SSL installed per the Apple Developer article worked fine, just as it had under 10.1.5. Then, I upgraded to 10.2.6 using the combined updater and it busted. I commented out those lines and --- voila! --- it's working again.

Thanks!

Steven



[ Reply to This | # ]
problem showed up in SSLOptions
Authored by: JohnAlbin on Apr 11, '03 01:11:54PM

You can see a list of environment variables that are added by the "SSLOptions +StdEnvVars" or "SSLOptions +CompatEnvVars" statements on the mod_ssl site (http://www.modssl.org/docs/2.8/ssl_reference.html#ToC25.)

Most of these environment variables are pretty geeky. Fortunately, the variable most people use, HTTPS, which specifies whether SSL is being used or not, is already set by Apache without the +StdEnvVars or +CompatEnvVars settings.

Side note: Mac OS X 10.2.5 updates libssl.so yet again, but it doesn't fix the bus errors that occur when using +StdEnvVars or +CompatEnvVars.



[ Reply to This | # ]