Date: Fri, 22 Jan 2010 10:50:01 +0000 From: David Southwell <david@vizion2000.net> To: apache@freebsd.org Subject: Following latest upgrade apache-2.2.14_5 ssl failure Message-ID: <201001221050.01689.david@vizion2000.net>
next in thread | raw e-mail | index | archive | help
Can anyone please advise Many thanks [Fri Jan 22 10:22:19 2010] [notice] caught SIGTERM, shutting down [Fri Jan 22 10:38:10 2010] [info] Init: Seeding PRNG with 144 bytes of entropy [Fri Jan 22 10:38:10 2010] [info] Loading certificate & private key of SSL- aware server [Fri Jan 22 10:38:10 2010] [info] Init: Requesting pass phrase via builtin terminal dialog [Fri Jan 22 10:38:16 2010] [debug] ssl_engine_pphrase.c(476): encrypted RSA private key - pass phrase requested [Fri Jan 22 10:38:16 2010] [info] Init: Wiped out the queried pass phrases from memory [Fri Jan 22 10:38:16 2010] [info] Init: Generating temporary RSA private keys (512/1024 bits) [Fri Jan 22 10:38:16 2010] [info] Init: Generating temporary DH parameters (512/1024 bits) [Fri Jan 22 10:38:16 2010] [info] Init: Initializing (virtual) servers for SSL [Fri Jan 22 10:38:16 2010] [info] Configuring server for SSL protocol [Fri Jan 22 10:38:16 2010] [debug] ssl_engine_init.c(414): Creating new SSL context (protocols: SSLv2, SSLv3, TLSv1) [Fri Jan 22 10:38:16 2010] [debug] ssl_engine_init.c(610): Configuring permitted SSL ciphers [ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2: +EXP:+eNULL] [Fri Jan 22 10:38:16 2010] [debug] ssl_engine_init.c(370): Configuring TLS extension handling [Fri Jan 22 10:38:16 2010] [debug] ssl_engine_init.c(741): Configuring RSA server certificate [Fri Jan 22 10:38:16 2010] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) [Fri Jan 22 10:38:16 2010] [debug] ssl_engine_init.c(780): Configuring RSA server private key [Fri Jan 22 10:38:16 2010] [info] mod_ssl/2.2.14 compiled against Server: Apache/2.2.14, Library: OpenSSL/0.9.8l [Fri Jan 22 10:38:16 2010] [info] mod_unique_id: using ip addr [xxx.xxx.xxx.xxx] [Fri Jan 22 10:38:17 2010] [info] Init: Seeding PRNG with 144 bytes of entropy [Fri Jan 22 10:38:17 2010] [info] Loading certificate & private key of SSL- aware server [Fri Jan 22 10:38:17 2010] [info] www.vizion2000.net:443 reusing existing RSA private key on restart [Fri Jan 22 10:38:17 2010] [info] Init: Generating temporary RSA private keys (512/1024 bits) [Fri Jan 22 10:38:17 2010] [info] Init: Generating temporary DH parameters (512/1024 bits) [Fri Jan 22 10:38:17 2010] [debug] ssl_scache_shmcb.c(253): shmcb_init allocated 512000 bytes of shared memory [Fri Jan 22 10:38:17 2010] [debug] ssl_scache_shmcb.c(272): for 511920 bytes (512000 including header), recommending 32 subcaches, 133 indexes each [Fri Jan 22 10:38:17 2010] [debug] ssl_scache_shmcb.c(306): shmcb_init_memory choices follow [Fri Jan 22 10:38:17 2010] [debug] ssl_scache_shmcb.c(308): subcache_num = 32 [Fri Jan 22 10:38:17 2010] [debug] ssl_scache_shmcb.c(310): subcache_size = 15992 [Fri Jan 22 10:38:17 2010] [debug] ssl_scache_shmcb.c(312): subcache_data_offset = 3208 [Fri Jan 22 10:38:17 2010] [debug] ssl_scache_shmcb.c(314): subcache_data_size = 12784 [Fri Jan 22 10:38:17 2010] [debug] ssl_scache_shmcb.c(316): index_num = 133 [Fri Jan 22 10:38:17 2010] [info] Shared memory session cache initialised [Fri Jan 22 10:38:17 2010] [info] Init: Initializing (virtual) servers for SSL [Fri Jan 22 10:38:17 2010] [info] Configuring server for SSL protocol [Fri Jan 22 10:38:17 2010] [debug] ssl_engine_init.c(414): Creating new SSL context (protocols: SSLv2, SSLv3, TLSv1) [Fri Jan 22 10:38:17 2010] [debug] ssl_engine_init.c(610): Configuring permitted SSL ciphers [ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2: +EXP:+eNULL] [Fri Jan 22 10:38:17 2010] [debug] ssl_engine_init.c(370): Configuring TLS extension handling [Fri Jan 22 10:38:17 2010] [debug] ssl_engine_init.c(741): Configuring RSA server certificate [Fri Jan 22 10:38:17 2010] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) [Fri Jan 22 10:38:17 2010] [debug] ssl_engine_init.c(780): Configuring RSA server private key [Fri Jan 22 10:38:17 2010] [info] mod_ssl/2.2.14 compiled against Server: Apache/2.2.14, Library: OpenSSL/0.9.8l [Fri Jan 22 10:38:19 2010] [notice] mod_python: Creating 8 session mutexes based on 256 max processes and 0 max threads. [Fri Jan 22 10:38:19 2010] [notice] mod_python: using mutex_directory /tmp [Fri Jan 22 10:38:19 2010] [notice] Digest: generating secret for digest authentication ... [Fri Jan 22 10:38:19 2010] [notice] Digest: done [Fri Jan 22 10:38:19 2010] [info] mod_unique_id: using ip addr [xxx.xxx.xxx.xxx] [Fri Jan 22 10:38:20 2010] [notice] Apache/2.2.14 (FreeBSD) mod_ssl/2.2.14 OpenSSL/0.9.8l DAV/2 PHP/5.2.12 with Suhosin-Patch mod_python/3.3.1 Python/2.6.4 mod_ruby/1.3.0 Ruby/1.8.7(2009-12-24) SVN/1.6.6 configured -- resuming normal operations [Fri Jan 22 10:38:20 2010] [info] Server built: Jan 22 2010 10:35:52 [Fri Jan 22 10:38:20 2010] [debug] prefork.c(1013): AcceptMutex: flock (default: flock) [Fri Jan 22 10:39:33 2010] [info] server seems busy, (you may need to increase StartServers, or Min/MaxSpareServers), spawning 8 children, there are 2 idle, and 12 total children [Fri Jan 22 10:39:35 2010] [info] [client ::1] Connection to child 10 established (server www.vizion2000.net:443) [Fri Jan 22 10:39:35 2010] [info] Seeding PRNG with 144 bytes of entropy [Fri Jan 22 10:39:35 2010] [debug] ssl_engine_kernel.c(1875): OpenSSL: Handshake: start [Fri Jan 22 10:39:35 2010] [debug] ssl_engine_kernel.c(1883): OpenSSL: Loop: before/accept initialization [Fri Jan 22 10:39:35 2010] [debug] ssl_engine_io.c(1858): OpenSSL: read 11/11 bytes from BIO#8124675c0 [mem: 812753000] (BIO dump follows) [Fri Jan 22 10:39:35 2010] [debug] ssl_engine_io.c(1791): +-------------------------------------------------------------------------+ [Fri Jan 22 10:39:35 2010] [debug] ssl_engine_io.c(1830): | 0000: 4f 50 54 49 4f 4e 53 20-2a 20 48 OPTIONS * H | [Fri Jan 22 10:39:35 2010] [debug] ssl_engine_io.c(1836): +-------------------------------------------------------------------------+ [Fri Jan 22 10:39:35 2010] [debug] ssl_engine_kernel.c(1912): OpenSSL: Exit: error in SSLv2/v3 read client hello A [Fri Jan 22 10:39:35 2010] [info] [client ::1] SSL library error 1 in handshake (server www.vizion2000.net:443) [Fri Jan 22 10:39:35 2010] [info] SSL Library Error: 336027900 error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol speaking not SSL to HTTPS port!? [Fri Jan 22 10:39:35 2010] [info] [client ::1] Connection closed to child 10 with abortive shutdown (server www.vizion2000.net:443) [Fri Jan 22 10:39:37 2010] [info] [client ::1] Connection to child 9 established (server www.vizion2000.net:443) [Fri Jan 22 10:39:37 2010] [info] Seeding PRNG with 144 bytes of entropy [Fri Jan 22 10:39:37 2010] [debug] ssl_engine_kernel.c(1875): OpenSSL: Handshake: start [Fri Jan 22 10:39:37 2010] [debug] ssl_engine_kernel.c(1883): OpenSSL: Loop: before/accept initialization [Fri Jan 22 10:39:37 2010] [debug] ssl_engine_io.c(1858): OpenSSL: read 11/11 bytes from BIO#8124675c0 [mem: 81275d000] (BIO dump follows) [Fri Jan 22 10:39:37 2010] [debug] ssl_engine_io.c(1791): +-------------------------------------------------------------------------+ [Fri Jan 22 10:39:37 2010] [debug] ssl_engine_io.c(1830): | 0000: 4f 50 54 49 4f 4e 53 20-2a 20 48 OPTIONS * H | [Fri Jan 22 10:39:37 2010] [debug] ssl_engine_io.c(1836): +-------------------------------------------------------------------------+ [Fri Jan 22 10:39:37 2010] [debug] ssl_engine_kernel.c(1912): OpenSSL: Exit: error in SSLv2/v3 read client hello A [Fri Jan 22 10:39:37 2010] [info] [client ::1] SSL library error 1 in handshake (server www.vizion2000.net:443) [Fri Jan 22 10:39:37 2010] [info] SSL Library Error: 336027900 error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol speaking not SSL to HTTPS port!? [Fri Jan 22 10:39:37 2010] [info] [client ::1] Connection closed to child 9 with abortive shutdown (server www.vizion2000.net:443) [Fri Jan 22 10:39:38 2010] [info] [client ::1] Connection to child 12 established (server www.vizion2000.net:443) [Fri Jan 22 10:39:38 2010] [info] Seeding PRNG with 144 bytes of entropy
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201001221050.01689.david>