'Re: [users@httpd] Apache/2.0.40, mod_ssl unexplainable errors logged'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       apache-httpd-users
Subject:    Re: [users@httpd] Apache/2.0.40, mod_ssl unexplainable errors logged
From:       "Jem Berkes" <jb2002 () pc9 ! org>
Date:       2002-08-30 16:20:57
[Download RAW message or body]

> More on this. I kept one console running tcpdump -i lo port 443 Sure
> enough, whenever the 'spurious' SSL error appeared in the logs, a
> connection from localhost to itself appears on port 443. So it appears
> that those connections are causing the errors.

OK, with the help of Mr. Trawick from the apache developer's mailing 
list, this problem has been solved! The cause does seem to be, in fact, 
the idle server maintenance (that's why it is related to the amount of 
server traffic). Apparently apache does dummy connects to itself in order 
to wake up children.

The solution lies in the order of your Listen statements. The dummy 
connect should hit port 80, not port 443. I had Listen 80 then Listen 443 
in my configuration files (httpd.conf before ssl.conf) and with that 
order, the dummy connects go to port 443.

Swapping the order should get rid of the "[error] Spurious SSL handshake 
interrupt" errors due to the apache dummy connects. I commented out the 
Listen 443 in ssl.conf, and instead modified httpd.conf so that it says:

<IfDefine SSL>
        Listen 443
</IfDefine>
Listen 80

i.e. Listen 443 before Listen 80. No more
[error] Spurious SSL handshake interrupt [Hint: Usually just one of those 
OpenSSL confusions!?]

-- 
Jem Berkes
Student IEEE (Canada)

http://www.pc-tools.net/
Windows, Linux & UNIX software



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic