Apache 2 does not work with SSL enabled on NCP2
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Nexenta Operating System |
Fix Released
|
High
|
Tim Spriggs |
Bug Description
Enabling the SSL module for Apache 2 under NCP2 results in Apache appearing to hang while connecting to either port 80 or 443. netstat -na shows that it's listening and shows client connections to the port, but Apache does not appear to receive them. truss/dtruss doesn't reveal anything unusual. Turning on full debug shows nothing strange in the logs. Apache 2 works properly if the SSL module is disabled.
In an attempt to narrow this down, I compiled Apache 2.2.11 from Ubuntu Jaunty source on NCP2 and it exhibited the same problem. I compiled 2.2.11 directly from source on the apache website and it exhibited the same problem. The nginx package in the Hardy repo works with SSL. The Apache 2.2.8 packages in the Hardy repo work properly on NCP 1.x. It would appear the issue is with mod_ssl and the patched Sun openssl from sunwopenssl-
As an additional test, I have modified the apache 2.2.8 packages in hardy to link against openssl 0.9.8k I compiled from source in /usr/local, and everything works now as expected. Tim Spriggs noticed that starting the apache2 binary with the -X flag also allowed it to function in a limited capacity (debug mode, only one child process) and I have confirmed that.