RE: undefined symbol
If you are getting this error at run time, then you haven't compiled everything statically. If you had, you would get the error during the make at link time. What is happening is that something is using the object OpenSSL_add_all_ciphers and attempting to get it from a shared library. It is probably a function in some library that you have not told the configuration script to scan. Alternatively, it could be a version mismatch: module A expects that function to be part of module B and is calling it, but in the version of module B that you are using, the function is not present. I'm assuming it's a function. It could be a global variable. Simon -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Ulrich Stärk Sent: 18 December 2001 19:11 To: [EMAIL PROTECTED] Subject: undefined symbol Hi there. I just compiled mod_ssl 2.8.5 with apache 1.3.22, php4.1.0 and ApacheJserv 1.2.0, openssl-0.96 Everything works except of mod_ssl. i compiled everything statically into my apache and am getting the following error in the error log httpd: error while loading shared libraries: httpd: undefined symbol: OpenSSL_add_all_ciphers the same setup but with older versions works perfectly. Thanks Uli P.S.: I also tried the enable-rule=EAPI config for apache. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
apache mod_proxy mod_ssl?
Title: apache mod_proxy mod_ssl? Hi All, Has anyone have done/suggestions/help on getting apache_1.3.22 running with mod_proxy and mod_ssl-2.8.5-1.3.22 running on Solaris8? I can get either working but not together, when I compile with either option I lose the other. I guess my question is how to compile them together properly that's if they work together. Thanks in advance, Jaime Dalisay Systems Consultant Basis100 Inc. http://www.basis100.com 33 Yonge Street, Suite 900 Toronto, Ontario, CANADA M5E 1G4 Tel: 416-364-6085 x153 Fax: 416-364-5237 This communication is intended only for the use of the individual or entity to whom/which it is addressed, and information contained in this communication is privileged and confidential. If the receiver of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us at the above telephone number (so that we may correct our internal records) and delete this communication without making a copy of it. Thank you.
[BugDB] SSL negotiation failure (PR#650)
Full_Name: Jason Terry Version: mod_ssl/2.8.5 OS: RedHat Linux 7.2 (fully up2dated) Submission from: (NULL) (207.173.85.120) Please note I have read up on this to try to find the problem, and all the fixes labeled on the message archives do not work. I have tried SSLSessionCache shmcb:/usr/local/apache/logs/ssl_scache(512000) SSLSessionCacheTimeout 600 SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP SetEnvIf User-Agent .*MSIE.* nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 When I turn on trace for the cipher engine I received [17/Dec/2001 15:33:08 11905] [info] Connection to child 6 established (server www.cartmanager.net:443, client 66.91.21.92) [17/Dec/2001 15:33:08 11905] [info] Seeding PRNG with 2184 bytes of entropy [17/Dec/2001 15:33:08 11905] [trace] OpenSSL: Handshake: start [17/Dec/2001 15:33:08 11905] [trace] OpenSSL: Loop: before/accept initialization [17/Dec/2001 15:33:08 11905] [debug] OpenSSL: read 11/11 bytes from BIO#092E12D8 [mem: 09A1F068] (BIO dump follows) [17/Dec/2001 15:33:08 11905] [debug] OpenSSL: read 43/43 bytes from BIO#092E12D8 [mem: 09A1F073] (BIO dump follows) [17/Dec/2001 15:33:08 11905] [trace] OpenSSL: Loop: SSLv3 read client hello A [17/Dec/2001 15:33:08 11905] [trace] OpenSSL: Loop: SSLv3 write server hello A [17/Dec/2001 15:33:08 11905] [trace] OpenSSL: Loop: SSLv3 write certificate A [17/Dec/2001 15:33:08 11905] [trace] OpenSSL: Loop: SSLv3 write server done A [17/Dec/2001 15:33:08 11905] [debug] OpenSSL: write 712/712 bytes to BIO#092E12D8 [mem: 099E78B0] (BIO dump follows) [17/Dec/2001 15:33:08 11905] [trace] OpenSSL: Loop: SSLv3 flush data [17/Dec/2001 15:33:08 11905] [debug] OpenSSL: I/O error, 5 bytes expected to read on BIO#092E12D8 [mem: 09A1F068] [17/Dec/2001 15:33:08 11905] [trace] OpenSSL: Exit: error in SSLv3 read client certificate A [17/Dec/2001 15:33:08 11905] [trace] OpenSSL: Exit: error in SSLv3 read client certificate A [17/Dec/2001 15:33:08 11905] [error] SSL handshake interrupted by system [Hint: Stop button pressed in browser?!] (System error follows) [17/Dec/2001 15:33:08 11905] [error] System: Connection reset by peer (errno: 104) I have notice that it always fails in the same place with either a 5 bytes expected to read (for SSLv3) or 2 bytes expected to read (for SSLv2) This seems to be a somewhat sporadic event happening about 1 in 500 connections... if the person presses reload repeatedly, the page will eventually display. However, obviously not all users will press reload until it works Any ideas on how to correct this problem would be appreciated... I have seen it in both SSLv2 and SSLv3 connections. And, if needed I can get a complete debug dump of a connection. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: HOW TO SETUP MULTI USERS
On Fri, Dec 21, 2001 at 07:26:35AM -0800, Admin/Manager wrote: Hello People. I would like to know how to setup more than one ssl cert to a server. I read the how to part of modssl and didn't see how to configure the server to run more than one cert. Does anyone know how to do this? Example: The have www.dude.com with a cert for ssl. Also i have www.foo.com with it's own ssl cert. By using a seperate ip (or port) - name based virtual hosting is not possible with ssl. vh Mads Toftum -- With a rubber duck, one's never alone. -- The Hitchhiker's Guide to the Galaxy __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: apache mod_proxy mod_ssl?
On Fri, Dec 21, 2001 at 11:02:54AM -0500, Jaime Dalisay wrote: Hi All, Has anyone have done/suggestions/help on getting apache_1.3.22 running with mod_proxy and mod_ssl-2.8.5-1.3.22 running on Solaris8? I can get either working but not together, when I compile with either option I lose the other. I guess my question is how to compile them together properly that's if they work together. Use method a) from the INSTALL document and where it says [...more APACI options...] just use --enable-module=proxy vh Mads Toftum -- With a rubber duck, one's never alone. -- The Hitchhiker's Guide to the Galaxy __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: DSO problems
** Reply to note from J. Johnson [EMAIL PROTECTED] Fri, 21 Dec 2001 01:22:34 -0800 (PST) On Thu, 20 Dec 2001, Simon Ritchie wrote: I don't think you have to go that far. No, but the computer does the work, and scrubbing and replacing the entire distribution takes much less time than trying to find a faster solution. === JJ = I agree. I've written up a script to rebuild Apache + mod_ssl + PHP and all the things they depend on. The first thing it does is rm -R the entire workspace. Then it untars the source code, and compiles things in order. I start it and walk away. About 45 minutes later I test the result. The computer does all the work. I don't have to worry about artifacts from old configurations messing me up! Rick Widmer Internet Marketing Specialists http://www.developersdesk.com __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: CA installation
Ok im useing mandrake linux it came with a predefined key . i created a news key for my site but ,when i put the certificate and the key in /etc/httpd/ssl dir the server wont start
