Upgrade from Apache2.0 to Apache 2.2 windows Open SSL issue

Posted on 2014-07-22
Last Modified: 2014-08-13
I originally built a VM for our Client Portal access - its running a WAMP environment Windows 2008 server R2 with Apache 2.0 openSSL 0.9 and PHP 5.3.5. Its running with installed certificates etc - all is as expected and I am happy! Unfortunately, due to performance issues with loading some "large" webpages, I need to upgrade this VM to Apache v2.2.25 (due to requiring FastCGI  compatible with Apache 2.2+).

I took a clone of the existing Apache 2.0 VM and changed the IP address, uninstalled Apache2.0 and installed Apache v2.2.25 with openSSL whilst leaving the current PHP version installed (all compatible). I changed the necessary settings in the httpd.conf and ssl.conf files and restarted apache2.2. All seemed ok at this point.

To test the new VM Apache2.2 server (I powered down the existing apache2.0 VM) and used a test PHP page with the following:

<?php phpinfo();?>

Its shows all PHP configurations. I compared the PHP settings listed on the new Apache2.2 server to the original Apache2.0 VM and not all configurations are listed under the "Apache Environment" section, settings like HTTPS, SSL_VERSION_INTERFACE, SSL_VERSION_LIBRARY, SSL_PROTOCOL (basically any SSL configurations are missing).

I've rechecked the config files and have SSLEngine ON and all settings are like for like, so I cannot fathom what is missing or needed to be done to get the new Apache2.2 server to pickup the SSL settings.

I have found little documentation on upgrading WAMP servers from Apache 2.0 to Apache 2.2.

Can anyone please help!?

PS. Please let me know if further info is required, I am not really ofay with Apache / PHP environments (I'm love my .net too much!)
Question by:Seven0fNine
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 35

Accepted Solution

gr8gonzo earned 500 total points
ID: 40211652
First, I'd suggest that in the future, don't spin up a new VM clone just for an Apache upgrade. You can easily have multiple instances of Apache all running on the same machine without any conflict. You simply run them on different ports.

So if you're testing out a new version of Apache, just install it onto the same machine, edit the httpd.conf (or copy over the existing one, if all of your config is compatible between versions) and then simply change all the ports that it listens on. Usually this is the "Listen" directive, so if the existing config has "Listen 80" and "Listen 443", then change those to "Listen 8080" and "Listen 8443", for example. It can be any unused port #, but those are common alternative port numbers for this purpose.

You can also run Apache alongside IIS in this manner, by the way (since you said you love .NET).

Once the configuration is changed, start up the second instance and you should be able to hit it just fine as long as you include the port numbers in the URL (e.g. http://<Server's IP or Domain>:8080/somepage.php or https://<Server's IP or Domain>:8443/somepage.php).

Now, as far as the environment settings go, you'll only see those if you accessed the page via the HTTPS protocol. So if you hit the PHP info page via a normal HTTP address, then you won't see "HTTPS" or any of the "SSL_..." environment variables.

Finally, FastCGI is nice, but it's not usually the "answer" to performance problems. It might shave some milliseconds off of the startup time of each request (if you measure the response time between FastCGI and standard PHP, you'll see a small difference), but if you are waiting for a long time for a request (multiple, full seconds), then chances are that the bottleneck is in the application itself.

Often times, application bottlenecks are either poorly-written code, heavy disk I/O, or poor-performing database queries. There are solutions to all of these, so if you ARE seeing several seconds of load time in your application, I'd recommend you create a second question in the PHP zone and describe your script / application, and the performance you're seeing.

I would probably start some self-analysis by doing some code profiling of the longest-running parts of your script. I wrote an article on how to profile PHP code using a 3rd party tool:

Anyway, it's still good to upgrade Apache to make sure you're staying up to date with patches, and it's good to squeeze every ounce of performance you have out of each component. If you don't use .htaccess files in your PHP application, you can also disable Overrides (set "Overrides None" in your Apache config in your application's <Directory> section) to get another small performance boost.

Finally, if you ARE accessing the PHP info page via an HTTPS URL and you still don't see the environment variables, then something's seriously wrong. My first response would be to check the certificate information in the browser after the page loads to make sure it's using the correct certificate and the connection is actually encrypted. Also, on your newest Apache 2.2 install, make sure you're not accidentally running a version of OpenSSL that is still vulnerable to Heartbleed. If you got your Apache install from the Apache Lounge recently, you should be okay.

Author Closing Comment

ID: 40258652
Thanks for your detailed reply. I finally sussed the problem. All working great - but now having trouble with configuring the Mod_fcgid. I've downloaded mod_fcgid-2.3.9 from Apachelounge. But there are no clear instructions, there is no single file of (as I expected to need to reference in httpd.conf LoadModule fcgid_module modules/mod_fcgid), but there are a whole host of files within a Build folder, Docs folder and modules folder. I cant see any .so file, so I'm not sure as to how and where I reference the file... any advice! (or I'll add a new post)

Thank you

from Desperately seeking Apache help!

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Decommissioning DNS server question 3 64
LDAP Setup 6 65
How ldap located a Domain controller? 22 79
VMWare 101 9 101
It is possible to boost certain documents at query time in Solr. Query time boosting can be a powerful resource for finding the most relevant and "best" content. Of course the more information you index, the more fields you will be able to use for y…
Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question