startssl at boot time

Eric Penfold eric at
Thu Apr 8 04:49:45 PDT 2004

(side note, I'm a lurker, not a subscriber, so this response will probably 
break threading. If anyone has suggestions on how best to reply, without 
needing to subscribe and be swamped by email, I'd be grateful).

I'm slightly confused as to what your actual problem is, as the logs you've 
posted make sense to me with regard to how you generated them. Referring 
back to your post (


 >This is right ??? the reason i ask is because apache does not start on a
 >reboot no ssl or even regular apache.

You then go on to show the log output from doing "apachectl start" vs 
"apachectl startssl". Note that the difference between these is very subtle, 
and not simply an issue of Is SSL initialised or not.

Specifically, all that additionally happens with "startssl" is that "SSL" 
flag is defined, such that <IfDefine SSL> blocks will be evaluted. Note that 
with the default ssl.conf, this is where SSLSessionCache, and SSLRandomSeed 
are defined (among other things).

So, this explains why you see:

 >here is the log output of an
 >apache stop then apache start using the script listed below when i use
 >apache start only regular apache starts so i then have to issue the
 >apache startssl command.
 >[... snip ...]
 >[Wed Apr 07 13:20:08 2004] [info] Init: Initializing OpenSSL library
 >[Wed Apr 07 13:20:08 2004] [info] Init: Seeding PRNG with 0 bytes of entropy
 >[... snip ...]
 >[Wed Apr 07 13:20:08 2004] [warn] Init: Session Cache is not configured
 >[hint: SSLSess

As you say, you have to use startssl.

The likely cause, as Matthew suggested, is lack of randomness.

However, it would help, if you were to post log output from apache starting 
up *after a reboot*, rather than from manual startssl/stop, since this is 
where (as far as I can understand) the problem lies.



More information about the freebsd-questions mailing list