Solved

Cannot open SSLSessionCache???

Posted on 2006-10-29
8
505 Views
Last Modified: 2012-08-14
Does anyone know why this might be happening???  Apache simply will not create this file, all it does it look for it.  I tried to create an empty one but when I run apache it removes it first.  

[29/Oct/2006 08:30:37 30648] [error] Cannot open SSLSessionCache DBM file `/programs/apache/logs-ssl/ssl_scache' for scanning (System error follows)
[29/Oct/2006 08:30:37 30648] [error] System: No such file or directory (errno: 2)

[29/Oct/2006 08:30:37 30648] [error] Cannot open SSLSessionCache DBM file `/programs/apache/logs-ssl/ssl_scache' for reading (fetch) (System error follows)
[29/Oct/2006 08:30:37 30648] [error] System: No such file or directory (errno: 2)


This 'logs-ssl' directory is world writable.  Actually it doesn't matter where I put the ssl_scache, its never created and apache always gives these read errors trying to reach it.

I'm running Apache 1.3.37 on Linux 2.4.32.  Latest everything like modssl 2.8.28-1.3.37, openssl 0.9.8d and php 4.4.4.  File system is ext3.

This is whats in the httpd.conf:

<IfModule mod_ssl.c>
   SSLPassPhraseDialog builtin
   SSLSessionCache dbm:logs-ssl/ssl_scache
   SSLSessionCacheTimeout  300
   SSLMutex file:logs-ssl/ssl_mutex
   SSLRandomSeed startup builtin
   SSLRandomSeed connect builtin
   SSLLog /programs/apache/logs-ssl/ssl.log
   SSLLogLevel info
</IfModule>

The ssl.log is logging fine, and the ssl_mutex files are created normally.  anyone?

kenw232@yahoo.com



0
Comment
Question by:scottg
  • 3
  • 2
8 Comments
 
LVL 15

Expert Comment

by:periwinkle
ID: 17833644
what is the owner and group of the file?  Of the directory that it is in?
0
 

Author Comment

by:scottg
ID: 17833820
The file never exists, thats the problem.  I mentioned above "Apache simply will not create this file, all it does is look for it.  I tried to create an empty one but when I run apache it removes it first."  So I can't give you the owner/group of the file as it never exists.

The directory has perms 777 and is owned by Apache's EUID which is nobody.group.   But even if its 750 and root.root it don't matter, I've tried everything.
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 17833856
But you did say that you tried to create an empty one.  My question was what did you set that to when it was created.

Setting to 777 is a very bad idea; it is possible that the reason it won't run is because the security is too lax.

I found an google reference to setting the user and id to apache.apache (even though they had nobody.httpd), but if you dont' have that username and group configured, I don't see how that would help.

I notice that you are using a relative path for the file:

SSLSessionCache dbm:logs-ssl/ssl_scache

Have you tried using an absolute (full) path instead?
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 

Author Comment

by:scottg
ID: 17833890
I'll try the full path, but I don't think it will matter because the error looks like it checks in the right place:

Cannot open SSLSessionCache DBM file `/programs/apache/logs-ssl/ssl_scache'
0
 

Author Comment

by:scottg
ID: 17998379
problem was never solved, I had to disable the cache, which is fine. maybe give periwinkle half the points for trying to help.

Thanks for directing me to a 30 page help.jsp document, that helps.   Wouldn't it be great just to have a "Close Question" button or something.  
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 18190714
PAQed with points refunded (500)

Computer101
EE Admin
0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As Wikipedia explains 'robots.txt' as -- the robot exclusion standard, also known as the Robots Exclusion Protocol or robots.txt protocol, is a convention to prevent cooperating web spiders and other web robots from accessing all or part of a websit…
If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

792 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question