Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Cannot open SSLSessionCache???

Posted on 2006-10-29
8
Medium Priority
?
535 Views
Last Modified: 2012-08-14
Does anyone know why this might be happening???  Apache simply will not create this file, all it does it look for it.  I tried to create an empty one but when I run apache it removes it first.  

[29/Oct/2006 08:30:37 30648] [error] Cannot open SSLSessionCache DBM file `/programs/apache/logs-ssl/ssl_scache' for scanning (System error follows)
[29/Oct/2006 08:30:37 30648] [error] System: No such file or directory (errno: 2)

[29/Oct/2006 08:30:37 30648] [error] Cannot open SSLSessionCache DBM file `/programs/apache/logs-ssl/ssl_scache' for reading (fetch) (System error follows)
[29/Oct/2006 08:30:37 30648] [error] System: No such file or directory (errno: 2)


This 'logs-ssl' directory is world writable.  Actually it doesn't matter where I put the ssl_scache, its never created and apache always gives these read errors trying to reach it.

I'm running Apache 1.3.37 on Linux 2.4.32.  Latest everything like modssl 2.8.28-1.3.37, openssl 0.9.8d and php 4.4.4.  File system is ext3.

This is whats in the httpd.conf:

<IfModule mod_ssl.c>
   SSLPassPhraseDialog builtin
   SSLSessionCache dbm:logs-ssl/ssl_scache
   SSLSessionCacheTimeout  300
   SSLMutex file:logs-ssl/ssl_mutex
   SSLRandomSeed startup builtin
   SSLRandomSeed connect builtin
   SSLLog /programs/apache/logs-ssl/ssl.log
   SSLLogLevel info
</IfModule>

The ssl.log is logging fine, and the ssl_mutex files are created normally.  anyone?

kenw232@yahoo.com



0
Comment
Question by:scottg
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
8 Comments
 
LVL 15

Expert Comment

by:periwinkle
ID: 17833644
what is the owner and group of the file?  Of the directory that it is in?
0
 

Author Comment

by:scottg
ID: 17833820
The file never exists, thats the problem.  I mentioned above "Apache simply will not create this file, all it does is look for it.  I tried to create an empty one but when I run apache it removes it first."  So I can't give you the owner/group of the file as it never exists.

The directory has perms 777 and is owned by Apache's EUID which is nobody.group.   But even if its 750 and root.root it don't matter, I've tried everything.
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 17833856
But you did say that you tried to create an empty one.  My question was what did you set that to when it was created.

Setting to 777 is a very bad idea; it is possible that the reason it won't run is because the security is too lax.

I found an google reference to setting the user and id to apache.apache (even though they had nobody.httpd), but if you dont' have that username and group configured, I don't see how that would help.

I notice that you are using a relative path for the file:

SSLSessionCache dbm:logs-ssl/ssl_scache

Have you tried using an absolute (full) path instead?
0
NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

 

Author Comment

by:scottg
ID: 17833890
I'll try the full path, but I don't think it will matter because the error looks like it checks in the right place:

Cannot open SSLSessionCache DBM file `/programs/apache/logs-ssl/ssl_scache'
0
 

Author Comment

by:scottg
ID: 17998379
problem was never solved, I had to disable the cache, which is fine. maybe give periwinkle half the points for trying to help.

Thanks for directing me to a 30 page help.jsp document, that helps.   Wouldn't it be great just to have a "Close Question" button or something.  
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 18190714
PAQed with points refunded (500)

Computer101
EE Admin
0

Featured Post

NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are running a LAMP infrastructure, this little code snippet is very helpful if you are serving lots of HTML, JavaScript and CSS-related information. The mod_deflate module, which is part of the Apache 2.2 application, provides the DEFLATE…
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
Suggested Courses
Course of the Month9 days, 7 hours left to enroll

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question