Thomas Jackson created TS-3389:
----------------------------------
Summary: Breakage of ssl tests from TS-3375
Key: TS-3389
URL: https://issues.apache.org/jira/browse/TS-3389
Project: Traffic Server
Issue Type: Bug
Reporter: Thomas Jackson
The new_tsqa test_https tests started failing after
5fb742d63742abbc0e441b6b9b8a74673097cf81 (TS-3375).
ssl_multicert.config:
{code}
dest_ip=127.0.0.2
ssl_cert_name=/home/thjackso/src/trafficserver-git/ci/new_tsqa/files/rsa_keys/www.example.com.pem
dest_ip=127.0.0.2
ssl_cert_name=/home/thjackso/src/trafficserver-git/ci/new_tsqa/files/rsa_keys/www.test.com.pem
dest_ip=*
ssl_cert_name=/home/thjackso/src/trafficserver-git/ci/new_tsqa/files/rsa_keys/www.example.com.pem
dest_ip=*
ssl_cert_name=/home/thjackso/src/trafficserver-git/ci/new_tsqa/files/rsa_keys/www.test.com.pem
{code}
traffic.out
{code}
[thjackso@thjackso-ld tsqa.env.Hz9TX9]$ ./bin/traffic_server
traffic_server: using root directory '/tmp/tsqa.env.Hz9TX9'
[Feb 12 16:52:01.398] {0x7f76e21fd800} NOTE: <DiagsConfig.cc:151
(reconfigure_diags)> updated diags config
[Feb 12 16:52:01.402] Server {0x7f76e21fd800} NOTE: <Main.cc:1604 (main)> cache
clustering disabled
[Feb 12 16:52:01.402] Server {0x7f76e21fd800} NOTE: <StatSystem.cc:269
(read_stats_snap)> clearing statistics
[Feb 12 16:52:01.409] Server {0x7f76e21fd800} NOTE: <IPAllow.cc:73
(reconfigure)> ip_allow.config updated, reloading
[Feb 12 16:52:01.416] Server {0x7f76e21fd800} NOTE: <ClusterProcessor.cc:724
(init)> cache clustering disabled
[Feb 12 16:52:01.417] Server {0x7f76e21fd800} NOTE: <Log.cc:1041
(init_when_enabled)> logging initialized[3], logging_mode = 3
[Feb 12 16:52:01.424] Server {0x7f76e21fd800} DEBUG: <SSLSessionCache.cc:44
(SSLSessionCache)> (ssl.session_cache) Created new ssl session cache 0x1741220
with 256 buckets each with size max size 400
[Feb 12 16:52:01.424] Server {0x7f76e21fd800} NOTE: <SSLUtils.cc:1880
(SSLParseCertificateConfiguration)> loading SSL certificate configuration from
/tmp/tsqa.env.Hz9TX9/etc/trafficserver/ssl_multicert.config
[Feb 12 16:52:01.424] Server {0x7f76e21fd800} DEBUG: <SSLUtils.cc:1264
(SSLInitServerContext)> (ssl.session_cache) ssl context=0x1749c70: using
session cache options, enabled=2, size=102400, num_buckets=256,
skip_on_contention=0, timeout=0, auto_clear=1
[Feb 12 16:52:01.424] Server {0x7f76e21fd800} DEBUG: <SSLUtils.cc:1286
(SSLInitServerContext)> (ssl.session_cache) enabling SSL session cache with ATS
implementation
[Feb 12 16:52:01.432] Server {0x7f76e21fd800} DEBUG: <SSLUtils.cc:1427
(SSLInitServerContext)> (ssl) Using
'/home/thjackso/src/trafficserver-git/ci/new_tsqa/files/rsa_keys/www.example.com.pem'
in hash for session id context
[Feb 12 16:52:01.433] Server {0x7f76e21fd800} DEBUG: <SSLUtils.cc:1741
(ssl_store_ssl_context)> (ssl) mapping '127.0.0.2' to certificate
/home/thjackso/src/trafficserver-git/ci/new_tsqa/files/rsa_keys/www.example.com.pem
[Feb 12 16:52:01.433] Server {0x7f76e21fd800} DEBUG: <SSLCertLookup.cc:326
(insert)> (ssl) indexed '7F000002' with SSL_CTX 0x1749c70 [0]
[Feb 12 16:52:01.433] Server {0x7f76e21fd800} DEBUG: <SSLUtils.cc:1768
(ssl_store_ssl_context)> (ssl) ssl ocsp stapling is disabled
[Feb 12 16:52:01.433] Server {0x7f76e21fd800} DEBUG: <SSLUtils.cc:1779
(ssl_store_ssl_context)> (ssl) importing SNI names from
/home/thjackso/src/trafficserver-git/ci/new_tsqa/files/rsa_keys/www.example.com.pem
[Feb 12 16:52:01.433] Server {0x7f76e21fd800} DEBUG: <SSLUtils.cc:1264
(SSLInitServerContext)> (ssl.session_cache) ssl context=0x174b7c0: using
session cache options, enabled=2, size=102400, num_buckets=256,
skip_on_contention=0, timeout=0, auto_clear=1
[Feb 12 16:52:01.433] Server {0x7f76e21fd800} DEBUG: <SSLUtils.cc:1286
(SSLInitServerContext)> (ssl.session_cache) enabling SSL session cache with ATS
implementation
[Feb 12 16:52:01.441] Server {0x7f76e21fd800} DEBUG: <SSLUtils.cc:1427
(SSLInitServerContext)> (ssl) Using
'/home/thjackso/src/trafficserver-git/ci/new_tsqa/files/rsa_keys/www.test.com.pem'
in hash for session id context
[Feb 12 16:52:01.441] Server {0x7f76e21fd800} DEBUG: <SSLUtils.cc:1741
(ssl_store_ssl_context)> (ssl) mapping '127.0.0.2' to certificate
/home/thjackso/src/trafficserver-git/ci/new_tsqa/files/rsa_keys/www.test.com.pem
[Feb 12 16:52:01.441] Server {0x7f76e21fd800} WARNING: <SSLCertLookup.cc:321
(insert)> previously indexed '7F000002' with SSL_CTX (nil), cannot index it
with SSL_CTX #1 now
[Feb 12 16:52:01.441] Server {0x7f76e21fd800} DEBUG: <SSLUtils.cc:1768
(ssl_store_ssl_context)> (ssl) ssl ocsp stapling is disabled
[Feb 12 16:52:01.441] Server {0x7f76e21fd800} DEBUG: <SSLUtils.cc:1779
(ssl_store_ssl_context)> (ssl) importing SNI names from
/home/thjackso/src/trafficserver-git/ci/new_tsqa/files/rsa_keys/www.test.com.pem
[Feb 12 16:52:01.441] Server {0x7f76e21fd800} DEBUG: <SSLUtils.cc:1615
(ssl_index_certificate)> (ssl) mapping 'www.test.com' to certificate
/home/thjackso/src/trafficserver-git/ci/new_tsqa/files/rsa_keys/www.test.com.pem
[Feb 12 16:52:01.441] Server {0x7f76e21fd800} DEBUG: <SSLCertLookup.cc:326
(insert)> (ssl) indexed 'www.test.com' with SSL_CTX 0x174b7c0 [1]
[Feb 12 16:52:01.441] Server {0x7f76e21fd800} DEBUG: <SSLUtils.cc:1264
(SSLInitServerContext)> (ssl.session_cache) ssl context=0x18c0310: using
session cache options, enabled=2, size=102400, num_buckets=256,
skip_on_contention=0, timeout=0, auto_clear=1
[Feb 12 16:52:01.441] Server {0x7f76e21fd800} DEBUG: <SSLUtils.cc:1286
(SSLInitServerContext)> (ssl.session_cache) enabling SSL session cache with ATS
implementation
[Feb 12 16:52:01.449] Server {0x7f76e21fd800} DEBUG: <SSLUtils.cc:1427
(SSLInitServerContext)> (ssl) Using
'/home/thjackso/src/trafficserver-git/ci/new_tsqa/files/rsa_keys/www.example.com.pem'
in hash for session id context
[Feb 12 16:52:01.449] Server {0x7f76e21fd800} DEBUG: <SSLCertLookup.cc:326
(insert)> (ssl) indexed '*' with SSL_CTX 0x18c0310 [2]
[Feb 12 16:52:01.449] Server {0x7f76e21fd800} DEBUG: <SSLUtils.cc:1768
(ssl_store_ssl_context)> (ssl) ssl ocsp stapling is disabled
[Feb 12 16:52:01.449] Server {0x7f76e21fd800} DEBUG: <SSLUtils.cc:1779
(ssl_store_ssl_context)> (ssl) importing SNI names from
/home/thjackso/src/trafficserver-git/ci/new_tsqa/files/rsa_keys/www.example.com.pem
[Feb 12 16:52:01.449] Server {0x7f76e21fd800} DEBUG: <SSLUtils.cc:1264
(SSLInitServerContext)> (ssl.session_cache) ssl context=0x18c19a0: using
session cache options, enabled=2, size=102400, num_buckets=256,
skip_on_contention=0, timeout=0, auto_clear=1
[Feb 12 16:52:01.449] Server {0x7f76e21fd800} DEBUG: <SSLUtils.cc:1286
(SSLInitServerContext)> (ssl.session_cache) enabling SSL session cache with ATS
implementation
[Feb 12 16:52:01.457] Server {0x7f76e21fd800} DEBUG: <SSLUtils.cc:1427
(SSLInitServerContext)> (ssl) Using
'/home/thjackso/src/trafficserver-git/ci/new_tsqa/files/rsa_keys/www.test.com.pem'
in hash for session id context
[Feb 12 16:52:01.458] Server {0x7f76e21fd800} WARNING: <SSLCertLookup.cc:321
(insert)> previously indexed '*' with SSL_CTX 0x2, cannot index it with SSL_CTX
#3 now
[Feb 12 16:52:01.458] Server {0x7f76e21fd800} DEBUG: <SSLUtils.cc:1768
(ssl_store_ssl_context)> (ssl) ssl ocsp stapling is disabled
[Feb 12 16:52:01.458] Server {0x7f76e21fd800} DEBUG: <SSLUtils.cc:1779
(ssl_store_ssl_context)> (ssl) importing SNI names from
/home/thjackso/src/trafficserver-git/ci/new_tsqa/files/rsa_keys/www.test.com.pem
[Feb 12 16:52:01.458] Server {0x7f76e21fd800} DEBUG: <SSLUtils.cc:1615
(ssl_index_certificate)> (ssl) mapping 'www.test.com' to certificate
/home/thjackso/src/trafficserver-git/ci/new_tsqa/files/rsa_keys/www.test.com.pem
[Feb 12 16:52:01.458] Server {0x7f76e21fd800} WARNING: <SSLCertLookup.cc:321
(insert)> previously indexed 'www.test.com' with SSL_CTX 0x1, cannot index it
with SSL_CTX #3 now
[Feb 12 16:52:01.458] Server {0x7f76e21fd800} ERROR: <SSLUtils.cc:1921
(SSLParseCertificateConfiguration)> failed to load SSL certificate
specification from /tmp/tsqa.env.Hz9TX9/etc/trafficserver/ssl_multicert.config
line 67
{code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
