Re: SSL_Scache version 2.8.7
On Sun, Mar 17, 2002 at 08:28:56PM -0600, Petra Computing wrote: > Has anyone configured and used the MM library that Ralf wrote? > Will this work on the RHLinx 6.2 (kernel 2.2.19) platform? Yes. It works very well - just ./configure --disable-shared in MM vh Mads Toftum -- With a rubber duck, one's never alone. -- "The Hitchhiker's Guide to the Galaxy" __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
SSL_Scache version 2.8.7
I'm noticing that "ssl_scache.dir" is a 0 byte file. Is this "normal"? The wierdness continuesin full SSL mode, whith 100% content in the secured directory, I get half loaded pages, and Page Not Found errors. It happens with both Netscape as well as IE5.5 Any ideas about what can be done? Has anyone configured and used the MM library that Ralf wrote? Will this work on the RHLinx 6.2 (kernel 2.2.19) platform? Sigh, someday, I'll be the one with the answers instead... Regards, -Arthur.
Re: Problem with ssl_scache
00-11-08 14.28, skrev [EMAIL PROTECTED] på [EMAIL PROTECTED] följande: > OK, if you change to the "nobody" user (or whoever you run the server as) > can you write to that directory? Yes, but that isn't very satisfacory security-wise, is it? > Sometimes file permissions get missed. I did this recently and couldn't run > X-windows until I corrected the permissions on /usr. The easy > > If you can't change to "nobody", it may be worth considering creating a user > for your web server to run under. Change the "User" and "Group" settings in > httpd.conf to reflect this user. Some systems cannot run a web server as > nobody. The server runs as nobody, a setup I have always used before, however this one is a freeBSD box, and it might be different there. Any input is apprecieated. /Goran __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: Problem with ssl_scache
(Oh dear, brain was in off-line mode when I sent the last post) OK, if you change to the "nobody" user (or whoever you run the server as) can you write to that directory? Sometimes file permissions get missed. I did this recently and couldn't run X-windows until I corrected the permissions on /usr. The easy mistakes are often those that are overlooked. If you can't change to "nobody", it may be worth considering creating a user for your web server to run under. Change the "User" and "Group" settings in httpd.conf to reflect this user. Some systems cannot run a web server as nobody. John -Original Message- From: Göran Fröjdh [mailto:[EMAIL PROTECTED]] Sent: 08 November 2000 12:56 To: [EMAIL PROTECTED] Subject: Re: Problem with ssl_scache 00-11-08 13.04, skrev [EMAIL PROTECTED] på [EMAIL PROTECTED] följande: > This is probably a daft question, but does the directory > /usr/local/apache/conf/ssl actually exist? > Well... yes... bash-2.04# pwd /usr/local/apache/conf/ssl __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: Problem with ssl_scache
OK, if you change to the "nobody" user (or whoever you run the server as) can you write to that directory? Sometimes file permissions get missed. I did this recently and couldn't run X-windows until I corrected the permissions on /usr. The easy If you can't change to "nobody", it may be worth considering creating a user for your web server to run under. Change the "User" and "Group" settings in httpd.conf to reflect this user. Some systems cannot run a web server as nobody. John -Original Message- From: Göran Fröjdh [mailto:[EMAIL PROTECTED]] Sent: 08 November 2000 12:56 To: [EMAIL PROTECTED] Subject: Re: Problem with ssl_scache 00-11-08 13.04, skrev [EMAIL PROTECTED] på [EMAIL PROTECTED] följande: > This is probably a daft question, but does the directory > /usr/local/apache/conf/ssl actually exist? > Well... yes... bash-2.04# pwd /usr/local/apache/conf/ssl __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Problem with ssl_scache
00-11-08 13.04, skrev [EMAIL PROTECTED] på [EMAIL PROTECTED] följande: > This is probably a daft question, but does the directory > /usr/local/apache/conf/ssl actually exist? > Well... yes... bash-2.04# pwd /usr/local/apache/conf/ssl __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: Problem with ssl_scache
This is probably a daft question, but does the directory /usr/local/apache/conf/ssl actually exist? - John Airey Internet Systems Support Officer, ITCSD, Royal National Institute for the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [EMAIL PROTECTED] -Original Message- From: Göran Fröjdh [mailto:[EMAIL PROTECTED]] Sent: 08 November 2000 11:58 To: [EMAIL PROTECTED] Subject: Re: Problem with ssl_scache 00-11-08 9.22, skrev Marcus Lachmanez på [EMAIL PROTECTED] följande: > What about file permissions ? Well, they are all owned by root, look below: -rw-r--r-- 1 rootwheel 1273 Aug 21 15:48 ca.crt drwxr-xr-x 2 rootwheel512 Aug 21 15:48 ca.db.certs -rw-r--r-- 1 rootwheel119 Aug 21 15:48 ca.db.index -rw-r--r-- 1 rootwheel 3 Aug 21 15:48 ca.db.serial -rw-r--r-- 1 rootwheel963 Aug 21 15:47 ca.key -rw-r--r-- 1 rootwheel881 Sep 19 01:43 fragzone.crt -r 1 rootwheel887 Sep 19 01:41 fragzone.key -r 1 rootwheel958 Sep 19 01:41 fragzone.key.passw -r 1 rootwheel963 Sep 19 01:41 fragzone.se.key -rw-r--r-- 1 rootwheel783 Oct 22 22:34 httpd.Apassw -rw-r--r-- 1 rootwheel762 Oct 22 22:22 httpd.Apassw~ -rw-r--r-- 1 rootwheel 1597 Oct 22 22:33 httpd.passw -rw-r--r-- 1 rootwheel 1553 Oct 22 22:21 httpd.passw~ -rw-r--r-- 1 rootwheel 2893 Aug 21 15:48 server.crt -rw-r--r-- 1 rootwheel777 Aug 21 15:22 server.csr -r 1 rootwheel891 Aug 21 16:20 server.key -r 1 rootwheel963 Aug 21 16:19 server.key.org -rwxr-xr-x 1 rootwheel 1784 Aug 21 15:27 sign.sh -rw--- 1 nobody wheel 0 Nov 8 11:18 ssl_mutex.142 -rw--- 1 nobody wheel 0 Oct 16 02:07 ssl_mutex.43784 -rw--- 1 nobody wheel 16384 Nov 8 11:18 ssl_scache.db -rw-r--r-- 1 rootwheel 1080 Oct 12 13:07 validAdminusers -rw-r--r-- 1 rootwheel 1678 Oct 12 12:58 validusers The levels above have the same ownership and permissions om the folders. (what's interesting is that there are a file called ssl_scache.db being created, but it's not this one that is accessed). > Göran Fröjdh wrote: > >> I'm experiencing a problem with starting Apache w. modssl. For some reason, >> the ssl cache file doesn't seem to be created. Below are the logs: __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Problem with ssl_scache
00-11-08 9.22, skrev Marcus Lachmanez på [EMAIL PROTECTED] följande: > What about file permissions ? Well, they are all owned by root, look below: -rw-r--r-- 1 rootwheel 1273 Aug 21 15:48 ca.crt drwxr-xr-x 2 rootwheel512 Aug 21 15:48 ca.db.certs -rw-r--r-- 1 rootwheel119 Aug 21 15:48 ca.db.index -rw-r--r-- 1 rootwheel 3 Aug 21 15:48 ca.db.serial -rw-r--r-- 1 rootwheel963 Aug 21 15:47 ca.key -rw-r--r-- 1 rootwheel881 Sep 19 01:43 fragzone.crt -r 1 rootwheel887 Sep 19 01:41 fragzone.key -r 1 rootwheel958 Sep 19 01:41 fragzone.key.passw -r 1 rootwheel963 Sep 19 01:41 fragzone.se.key -rw-r--r-- 1 rootwheel783 Oct 22 22:34 httpd.Apassw -rw-r--r-- 1 rootwheel762 Oct 22 22:22 httpd.Apassw~ -rw-r--r-- 1 rootwheel 1597 Oct 22 22:33 httpd.passw -rw-r--r-- 1 rootwheel 1553 Oct 22 22:21 httpd.passw~ -rw-r--r-- 1 rootwheel 2893 Aug 21 15:48 server.crt -rw-r--r-- 1 rootwheel777 Aug 21 15:22 server.csr -r 1 rootwheel891 Aug 21 16:20 server.key -r 1 rootwheel963 Aug 21 16:19 server.key.org -rwxr-xr-x 1 rootwheel 1784 Aug 21 15:27 sign.sh -rw--- 1 nobody wheel 0 Nov 8 11:18 ssl_mutex.142 -rw--- 1 nobody wheel 0 Oct 16 02:07 ssl_mutex.43784 -rw--- 1 nobody wheel 16384 Nov 8 11:18 ssl_scache.db -rw-r--r-- 1 rootwheel 1080 Oct 12 13:07 validAdminusers -rw-r--r-- 1 rootwheel 1678 Oct 12 12:58 validusers The levels above have the same ownership and permissions om the folders. (what's interesting is that there are a file called ssl_scache.db being created, but it's not this one that is accessed). > Göran Fröjdh wrote: > >> I'm experiencing a problem with starting Apache w. modssl. For some reason, >> the ssl cache file doesn't seem to be created. Below are the logs: __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Problem with ssl_scache
What about file permissions ? Göran Fröjdh wrote: > I'm experiencing a problem with starting Apache w. modssl. For some reason, > the ssl cache file doesn't seem to be created. Below are the logs: > > [Tue Nov 7 23:04:24 2000] [error] mod_ssl: Cannot open SSLSessionCache DBM > file `/usr/local/apache/conf/ssl/ssl_scache' for scannin > g (System error follows) > [Tue Nov 7 23:04:24 2000] [error] System: No such file or directory (errno: > 2) > [Tue Nov 7 23:04:24 2000] [error] mod_ssl: Cannot open SSLSessionCache DBM > file `/usr/local/apache/conf/ssl/ssl_scache' for reading > (fetch) (System error follows) > [Tue Nov 7 23:04:24 2000] [error] System: No such file or directory (errno: > 2) > [Tue Nov 7 23:04:25 2000] [error] mod_ssl: Cannot open SSLSessionCache DBM > file `/usr/local/apache/conf/ssl/ssl_scache' for writing > (store) (System error follows) > [Tue Nov 7 23:04:25 2000] [error] System: No such file or directory (errno: > 2) > > Anyone had this problem and know of a fix? > > __ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager[EMAIL PROTECTED] -- * Linux Viruscan. Windows 95/98/NT/WIN2000 Found Remove it ? (Y/y) * Marcus Lachmanez System Analyst INTERNET PRODUCTS TEAM Oracle Germany * __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Problem with ssl_scache
I'm experiencing a problem with starting Apache w. modssl. For some reason, the ssl cache file doesn't seem to be created. Below are the logs: [Tue Nov 7 23:04:24 2000] [error] mod_ssl: Cannot open SSLSessionCache DBM file `/usr/local/apache/conf/ssl/ssl_scache' for scannin g (System error follows) [Tue Nov 7 23:04:24 2000] [error] System: No such file or directory (errno: 2) [Tue Nov 7 23:04:24 2000] [error] mod_ssl: Cannot open SSLSessionCache DBM file `/usr/local/apache/conf/ssl/ssl_scache' for reading (fetch) (System error follows) [Tue Nov 7 23:04:24 2000] [error] System: No such file or directory (errno: 2) [Tue Nov 7 23:04:25 2000] [error] mod_ssl: Cannot open SSLSessionCache DBM file `/usr/local/apache/conf/ssl/ssl_scache' for writing (store) (System error follows) [Tue Nov 7 23:04:25 2000] [error] System: No such file or directory (errno: 2) Anyone had this problem and know of a fix? __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
ssl_scache
I have my session caching set to about 5 minutes, and now it's working *but* -- I've had some trouble getting the system to *keep* the ssl_scache file. At this point I have a nightly process doing a ">>ssl_scache.pag" and ">>ssl_scache.dir" and "chmod 777 ssl_scache.???", but that certainly doesn't seem to be the optimal solution. never mind the security problem with the 777 mode, why should I have to keep manually creating the file every night? How was it getting deleted, or the permissions changed? Has anybody else seen anything like this, or is it just another ridiculous quirk of this old system on which I work? __ Do You Yahoo!? Kick off your party with Yahoo! Invites. http://invites.yahoo.com/ __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: RH 6.0 - NDBM - /var/run/ssl_scache => PATCH !!!
> I have allways problem when accessing /var/run/ssl_cache, too. > So I use chown command manually after installation. > [GOMEZ Henri] ModSSL do a chown in ssl_engine_scache.c. Check if the defines for files extensions ma with your DB installation __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: RH 6.0 - NDBM - /var/run/ssl_scache => PATCH !!!
On Wed, Jun 09, 1999, GOMEZ Henri wrote: > There is a real problem with RH 6.0 and dual db libs on glibc 2.1 > #define DBM_SUFFIX ".db" > > The problem lies in the fact mod_ssl chown to nobody inexisting files. > > So here is the patch which will be soon commited to RPM by Magnus > [...] Thanks for the feedback and patches. The parts for mod_rewrite.h and mod_auth_dbm.c I've comitted to the Apache repository for Apache 1.3.7 after making the check more robust. The part for mod_ssl.h will appear with mod_ssl 2.3.3. Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: RH 6.0 - NDBM - /var/run/ssl_scache => PATCH !!!
>But I've allways problem when accessing /var/run/ssl_cache > >[08/Jun/1999 17:59:09] [error] Cannot open SSLSessionCache DBM file >`/var/run/ssl_scache' for expiring (System error follows) >[08/Jun/1999 17:59:09] [error] System: Permission denied (errno: 13) >[08/Jun/1999 17:59:09] [error] Cannot open SSLSessionCache DBM file >`/var/run/ssl_scache' for writing (store) (System error follows) >[08/Jun/1999 17:59:09] [error] System: Permission denied (errno: 13) I have allways problem when accessing /var/run/ssl_cache, too. So I use chown command manually after installation. I use Solaris2.6 and Berkeley-DB 2.X. And I create /usr/local/BerkeleyDB/include/ndbm.h like this. #ifndef _NDBM_H_ #define _NDBM_H_ #define DB_DBM_HSEARCH 1 #include #endif And I use configure command of mod_ssl like this. CFLAGS="-I/usr/local/bind/include -I/usr/local/BerkeleyDB/include -DNO_IDEA" LIBS="-L/usr/local/bind/lib -lbind -L/usr/local/BerkeleyDB/lib -ldb" LANG= export CFLAGS LIBS LANG ./configure \ --with-apache=../apache_1.3.6 \ --with-ssleay=/usr/local/ssl \ --prefix=/usr/local/apache \ --enable-shared=ssl \ --enable-module=so \ --enable-module=rewrite __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RH 6.0 - NDBM - /var/run/ssl_scache => PATCH !!!
There is a real problem with RH 6.0 and dual db libs on glibc 2.1 When I got the standard binary RPM (from Magnus) and try to run it on my RH 6.0 system, mod_ssl core dump (SIGSEGV) when accessing https files. If I rebuild the source, and use the new binary there is no more core. ldd tell us that the 5.2 generated httpd use libdb.so.2 and 6.O generated's use libdb.so.3. It seems there is something broken in liddb.so.2 support under glibc 2.1. But I've allways problem when accessing /var/run/ssl_cache [08/Jun/1999 17:59:09] [error] Cannot open SSLSessionCache DBM file `/var/run/ssl_scache' for expiring (System error follows) [08/Jun/1999 17:59:09] [error] System: Permission denied (errno: 13) [08/Jun/1999 17:59:09] [error] Cannot open SSLSessionCache DBM file `/var/run/ssl_scache' for writing (store) (System error follows) [08/Jun/1999 17:59:09] [error] System: Permission denied (errno: 13) the file seems to be mod 600 and own/grp root. It's seems ok since the http father create dbm. But childs run as nobody/nobody so they couldn't ever access the dbm file. Looking system calls with strace give : [4012eed7] geteuid()= 0 [401434f4] chown("/var/run/ssl_scache", 99, 4294967295) = -1 ENOENT (No such file or directory) [401434f4] chown("/var/run/ssl_scache.dir", 99, 4294967295) = -1 ENOENT (No such file or directory) [401434f4] chown("/var/run/ssl_scache.pag", 99, 4294967295) = -1 ENOENT (No such file or directory) And if you look in /usr/include/db1/ndbm.h you see /* * The db(3) support for ndbm(3) always appends this suffix to the * file name to avoid overwriting the user's original database. */ #define DBM_SUFFIX ".db" The problem lies in the fact mod_ssl chown to nobody inexisting files. So here is the patch which will be soon commited to RPM by Magnus <> ... . . S.L.I.B . . [_] . 5 Place Charles Béraudier . . (. .) . 69428 Lyon Cedex 03 . ..oOOo..(_)..oOOo.. . Tel: 0472367723 . . Henri Gomez [EMAIL PROTECTED] Fax: 0472367778 . ... apache-ndbm.patch
Re: safe way to purge ssl_scache
On Fri, Feb 05, 1999, Lai Yiu Fai wrote: > It seems that the ssl_scache dbm file grows indefinitely. Is there a safe > way to purge it? I try to move both .dir and .pag to other filenames and > restart the server. The error_log gave a lot of errors stating cannot open > SSLSessionCache DBM file for reading/writing. Is it only the way to stop > the server, purge the ssl_scache and start the server again? Hmmm... in ssl_engine_scache.c, line 375, there is ``if (nExpireCalls++ < 100)'' which means that sessions are expired every 100 HTTPS hits only. You can reduce the number 100 to 10 or even to 1 to expire more often. This doesn't shrink the DBM file, but it should prevent it from growing such fast. Additionally you have to reduce the expire time with SSLSessionCacheTimeout, because the expiring deletes only entries which were already expired, of course. Let it me know whether this works for you. Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com __ Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
safe way to purge ssl_scache
It seems that the ssl_scache dbm file grows indefinitely. Is there a safe way to purge it? I try to move both .dir and .pag to other filenames and restart the server. The error_log gave a lot of errors stating cannot open SSLSessionCache DBM file for reading/writing. Is it only the way to stop the server, purge the ssl_scache and start the server again? Rgds, === Lai Yiu Fai | Tel.: (852) 2358-6202 Centre of Computing Services | Fax.: (852) 2358-2737 & Telecommunications | E-mail: [EMAIL PROTECTED] | The Hong Kong University of | Clear Water Bay, Science & Technology | Kowloon, Hong Kong. __ Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: 2.1.8 ssl_scache ownership?
On Mon, Jan 25, 1999, Jake Buchholz wrote: > When ssl_scache.{pag,dir} get initially created, they're owned to root, > instead of the eventual UID that apache's running as... Which means, I > get a lot of engine messages about the fact that it can't open the DBM > file for writing, and renders the cache pretty much useless... If I > chown it to the right UID, all is well. Hmmm.. which version of mod_ssl is it? Actually in ssl_engine_scache.c at line 227 you can find this piece of code I wrote to overcome the child-process problem: | #ifndef WIN32 | /* | * we have to make sure the Apache child processes | * have access to the DBM file... | */ | if (geteuid() == 0 /* is superuser */) { | chown(mc->szSessionCacheDataFile, | ap_user_id, -1 /* no gid change */); | chown(ap_pstrcat(p, mc->szSessionCacheDataFile, | SSL_DBM_FILE_SUFFIX_DIR, NULL), | ap_user_id, -1 /* no gid change */); | chown(ap_pstrcat(p, mc->szSessionCacheDataFile, | SSL_DBM_FILE_SUFFIX_PAG, NULL), | ap_user_id, -1 /* no gid change */); | } | #endif Seems like either the SSL_DBM_FILE_SUFFIX_{DIR,PAG} macros are incorrectly determined on your platform, or the ap_user_id contains "root" (check your User/Group directives) or geteuid() doesn't return 0 for your situation. Can you find out more? Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com __ Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
2.1.8 ssl_scache ownership?
When ssl_scache.{pag,dir} get initially created, they're owned to root, instead of the eventual UID that apache's running as... Which means, I get a lot of engine messages about the fact that it can't open the DBM file for writing, and renders the cache pretty much useless... If I chown it to the right UID, all is well. -- Jake Buchholz, ExecPC Sr. Systems Administrator : /~\ [EMAIL PROTECTED] -- http://www.execpc.com/~jake :ASCII \ / Against Fngrpt PGP262: 29f3322af2da07994dc03fdf1f50aed2 : Ribbon X HTML GnuPG: 53d97ab3d279f731e7d2fc1197ca38544423882b : Campaign / \ Mail __ Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: mod_ssl: Cannot open SSLSessionCache DBM file `/usr/local/apache/var/run/ssl_scache'
On Sat, Dec 05, 1998, Fredj Dridi wrote: > I use mod_ssl-2.1.2-1.3.3 and apache_1.3.3 on Red Hat 5.1 (Kernel 2.0.34 > on an i686) box. After compiling and installing apache I have started > apache with /usr/local/apache/sbin/apachectl startssl. The file > /usr/local/apache/var/run/ssl_scache does not exist;-) The server > (http,https) function well but the error_log file says: > > [Sat Dec 5 14:04:20 1998] [error] System: Permission denied (errno: 13) > [Sat Dec 5 14:04:20 1998] [error] mod_ssl: Cannot open SSLSessionCache > DBM file `/usr/local/apache/var/run/ssl_scache' for writing (store) > (System error follows) > > Waht is the problem? The problem is that you're using an old config file. In mod_ssl 2.1 SSLSessioCache's arg now is a path to a DBM file and no longer a path to a program (as in mod_ssl 2.0.x). Just change the argument to point to a reasonable file inside your logs or runtime dirs. Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com __ Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
mod_ssl: Cannot open SSLSessionCache DBM file `/usr/local/apache/var/run/ssl_scache'
Hi, I use mod_ssl-2.1.2-1.3.3 and apache_1.3.3 on Red Hat 5.1 (Kernel 2.0.34 on an i686) box. After compiling and installing apache I have started apache with /usr/local/apache/sbin/apachectl startssl. The file /usr/local/apache/var/run/ssl_scache does not exist;-) The server (http,https) function well but the error_log file says: [Sat Dec 5 14:04:20 1998] [error] System: Permission denied (errno: 13) [Sat Dec 5 14:04:20 1998] [error] mod_ssl: Cannot open SSLSessionCache DBM file `/usr/local/apache/var/run/ssl_scache' for writing (store) (System error follows) Waht is the problem? Fredj __ Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]