ssl problems
David Southwell
david at vizion2000.net
Thu Oct 7 16:58:43 UTC 2010
I have been having trouble with apache server which has ceased loading and
other ports which have some dependency on openssl. I believe the problem may
be due to some kind of ssl conflict but do not know how to recognise the cause
or go about identifying and curing the problem.
System: freebsd 7.2 amd p3 generic quad core on intel
If I run ssl the response from the version shows 0.9.8e 23 Feb 2007.
OpenSSL> version
OpenSSL 0.9.8e 23 Feb 2007
Pkg _ info reports:
dns1# pkg_info -o '*ssl*'
Information for dsssl-docbook-modular-1.79_1,1:
Origin:
textproc/dsssl-docbook-modular
Information for linux-openssl-0.9.7f_2:
Origin:
security/linux-openssl
Information for openssl-1.0.0_2:
Origin:
security/openssl
Information for php5-openssl-5.3.3_2:
Origin:
security/php5-openssl
Information for py26-openssl-0.10:
Origin:
security/py-openssl
Information for qca-ossl-2.0.0.b3_4:
Origin:
security/qca-ossl
Attempting to load the apache server monitoring with ktrace:
dns1# ktrace /usr/local/sbin/apachectl start
Apache/2.2.16 mod_ssl/2.2.16 (Pass Phrase Dialog)
Some of your private key files are encrypted for security reasons.
In order to read them you have to provide the pass phrases.
Server www.vizion2000.net:443 (RSA)
Enter pass phrase:
OK: Pass Phrase Dialog successful.
dns1# kdump >ktrace_kdump_03
at the end of the kdump file I see the attempt to load fails as follows:
12759 sh RET getrlimit 0
12759 sh CALL setrlimit(RLIMIT_RSS,0x7fffffffdd20)
12759 sh RET setrlimit 0
12759 sh CALL getrlimit(RLIMIT_MEMLOCK,0x7fffffffddb0)
12759 sh RET getrlimit 0
12759 sh CALL setrlimit(RLIMIT_MEMLOCK,0x7fffffffddb0)
12759 sh RET setrlimit 0
12759 sh CALL getrlimit(RLIMIT_NPROC,0x7fffffffde40)
12759 sh RET getrlimit 0
12759 sh CALL setrlimit(RLIMIT_NPROC,0x7fffffffde40)
12759 sh RET setrlimit 0
12759 sh CALL getrlimit(RLIMIT_NOFILE,0x7fffffffded0)
12759 sh RET getrlimit 0
12759 sh CALL setrlimit(RLIMIT_NOFILE,0x7fffffffded0)
12759 sh RET setrlimit 0
12759 sh CALL getrlimit(RLIMIT_SBSIZE,0x7fffffffdf60)
12759 sh RET getrlimit 0
12759 sh CALL setrlimit(RLIMIT_SBSIZE,0x7fffffffdf60)
12759 sh RET setrlimit 0
12759 sh CALL getrlimit(RLIMIT_VMEM,0x7fffffffdff0)
12759 sh RET getrlimit 0
12759 sh CALL setrlimit(RLIMIT_VMEM,0x7fffffffdff0)
12759 sh RET setrlimit 0
12759 sh CALL dup2(0xb,0x1)
12759 sh RET dup2 1
12759 sh CALL close(0xb)
12759 sh RET close 0
12759 sh CALL dup2(0xc,0x2)
12759 sh RET dup2 2
12759 sh CALL close(0xc)
12759 sh RET close 0
12759 sh CALL getrlimit(RLIMIT_NOFILE,0x7fffffffe260)
12759 sh RET getrlimit 0
12759 sh CALL setrlimit(RLIMIT_NOFILE,0x7fffffffe260)
12759 sh RET setrlimit 0
12759 sh CALL read(0xa,0x5204c0,0x3ff)
12759 sh GIO fd 10 read 380 bytes
" is no longer supported.
echo Please edit httpd.conf to include the SSL configuration settings
echo and then use "apachectl start".
ERROR=2
;;
configtest)
$HTTPD -t
ERROR=$?
;;
status)
$LYNX $STATUSURL | awk ' /process$/ { print; exit } { print } '
;;
fullstatus)
$LYNX $STATUSURL
;;
*)
$HTTPD $ARGV
ERROR=$?
esac
exit $ERROR
"
12759 sh RET read 380/0x17c
12759 sh CALL fork
12759 sh RET fork 12762/0x31da
12759 sh CALL getpgrp
12759 sh RET getpgrp 12759/0x31d7
12759 sh CALL wait4(0xffffffff,0x7fffffffe1cc,WUNTRACED,0)
12759 sh RET wait4 12762/0x31da
12759 sh CALL exit(0)
Please ask for further info.
Thanks in advance
David
Photographic Artist
Permanent Installations & Design
Creative Imagery and Advanced Digital Techniques
High Dynamic Range Photography & Official Portraiture
Combined darkroom & digital creations
& Systems Adminstrator for the vizion2000.net network
More information about the freebsd-questions
mailing list