Solved

Cannot open SSLSessionCache???

Posted on 2006-10-29
8
502 Views
Last Modified: 2012-08-14
Does anyone know why this might be happening???  Apache simply will not create this file, all it does it look for it.  I tried to create an empty one but when I run apache it removes it first.  

[29/Oct/2006 08:30:37 30648] [error] Cannot open SSLSessionCache DBM file `/programs/apache/logs-ssl/ssl_scache' for scanning (System error follows)
[29/Oct/2006 08:30:37 30648] [error] System: No such file or directory (errno: 2)

[29/Oct/2006 08:30:37 30648] [error] Cannot open SSLSessionCache DBM file `/programs/apache/logs-ssl/ssl_scache' for reading (fetch) (System error follows)
[29/Oct/2006 08:30:37 30648] [error] System: No such file or directory (errno: 2)


This 'logs-ssl' directory is world writable.  Actually it doesn't matter where I put the ssl_scache, its never created and apache always gives these read errors trying to reach it.

I'm running Apache 1.3.37 on Linux 2.4.32.  Latest everything like modssl 2.8.28-1.3.37, openssl 0.9.8d and php 4.4.4.  File system is ext3.

This is whats in the httpd.conf:

<IfModule mod_ssl.c>
   SSLPassPhraseDialog builtin
   SSLSessionCache dbm:logs-ssl/ssl_scache
   SSLSessionCacheTimeout  300
   SSLMutex file:logs-ssl/ssl_mutex
   SSLRandomSeed startup builtin
   SSLRandomSeed connect builtin
   SSLLog /programs/apache/logs-ssl/ssl.log
   SSLLogLevel info
</IfModule>

The ssl.log is logging fine, and the ssl_mutex files are created normally.  anyone?

kenw232@yahoo.com



0
Comment
Question by:scottg
  • 3
  • 2
8 Comments
 
LVL 15

Expert Comment

by:periwinkle
ID: 17833644
what is the owner and group of the file?  Of the directory that it is in?
0
 

Author Comment

by:scottg
ID: 17833820
The file never exists, thats the problem.  I mentioned above "Apache simply will not create this file, all it does is look for it.  I tried to create an empty one but when I run apache it removes it first."  So I can't give you the owner/group of the file as it never exists.

The directory has perms 777 and is owned by Apache's EUID which is nobody.group.   But even if its 750 and root.root it don't matter, I've tried everything.
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 17833856
But you did say that you tried to create an empty one.  My question was what did you set that to when it was created.

Setting to 777 is a very bad idea; it is possible that the reason it won't run is because the security is too lax.

I found an google reference to setting the user and id to apache.apache (even though they had nobody.httpd), but if you dont' have that username and group configured, I don't see how that would help.

I notice that you are using a relative path for the file:

SSLSessionCache dbm:logs-ssl/ssl_scache

Have you tried using an absolute (full) path instead?
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:scottg
ID: 17833890
I'll try the full path, but I don't think it will matter because the error looks like it checks in the right place:

Cannot open SSLSessionCache DBM file `/programs/apache/logs-ssl/ssl_scache'
0
 

Author Comment

by:scottg
ID: 17998379
problem was never solved, I had to disable the cache, which is fine. maybe give periwinkle half the points for trying to help.

Thanks for directing me to a 30 page help.jsp document, that helps.   Wouldn't it be great just to have a "Close Question" button or something.  
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 18190714
PAQed with points refunded (500)

Computer101
EE Admin
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Over the last year I have answered a couple of basic URL rewriting questions several times so I thought I might as well have a stab at: explaining the basics, providing a few useful links and consolidating some of the most common queries into a sing…
If your site has a few sections that need to be secure when data is transmitted between the server and local computer, such as a /order/ section for ordering or /customer/ which contains customer data, etc it would of course be recommended to secure…
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question