bunnadik Posted May 27, 2005 Report Share Posted May 27, 2005 I shut down apache (along with most other services) to run chkrootkit and avoid false positives regarding hidden processes. When I restarted apache it wouldn't start, complaining about [emerg] (13)Permission denied: couldn't grab the accept mutex After a couple of restarts I saw it complaining about dead semaphores so I used ipcrm to remove them, and I even rebooted eventually, but still the same errors. I found that if I start apache without SSL it works. I'm running MDK 10.1 with these: apache-conf-2.0.50-4mdk apache2-mod_php-2.0.50_4.3.8-2mdk apache2-mod_perl-2.0.50_1.99_16-1mdk apache2-manual-2.0.50-7.2.101mdk apache2-mod_proxy-2.0.50-7.2.101mdk apache2-modules-2.0.50-7.2.101mdk apache2-mod_disk_cache-2.0.50-7.2.101mdk apache2-mod_suexec-2.0.50-3mdk apache2-mod_ssl-2.0.50-4.1.101mdk apache2-2.0.50-7.2.101mdk apache2-common-2.0.50-7.2.101mdk apache2-mod_cache-2.0.50-7.2.101mdk I have a couple of virtual hosts, some of them requiring SSL. - Peder Quote Link to comment Share on other sites More sharing options...
ddmcse Posted May 27, 2005 Report Share Posted May 27, 2005 named based virtual hosts or ip based virtual hosts ? you need ip based virtual hosts to use SSL Quote Link to comment Share on other sites More sharing options...
bunnadik Posted May 30, 2005 Author Report Share Posted May 30, 2005 Are you sure? I've had this server up and running since end of March with name based SSL virtual hosts. I tested this on another MDK-10.1 server: NameVirtualHost *:443 <VirtualHost *:443> ServerName www2.myserver.org DocumentRoot /var/www/html/ssl ServerAdmin root@myserver.org ErrorLog logs/ssl_error_www2_log <IfModule mod_log_config.c> TransferLog logs/ssl_access_www2_log </IfModule> SSLEngine on SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL SSLCertificateFile /etc/ssl/apache2/server.crt SSLCertificateKeyFile /etc/ssl/apache2/server.key CustomLog logs/ssl_request_log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" RewriteEngine On RewriteOptions inherit </VirtualHost> This worked flawlessly. I don't know why the apache docs claim "Name-based virtual hosting cannot be used with SSL secure servers". Further down they say "If you're planning to use multiple ports (e.g. running SSL) you should add a Port to the argument, such as *:80" indicating (to me) that SSL does work in name-based hosting. The only thing I did recently is to install the latest security fixes from Mandriva but I can't see anything there that should affect apache/openssl. - Peder Quote Link to comment Share on other sites More sharing options...
bunnadik Posted June 7, 2005 Author Report Share Posted June 7, 2005 *bump* Anyone with ideas? - Peder Quote Link to comment Share on other sites More sharing options...
ddmcse Posted June 7, 2005 Report Share Posted June 7, 2005 (edited) I like to think there are always options . I haven't played with this scenario in a couple of weeks . If you got this to work before there must be some way to make it work again . I want the solution too, please let me know what you find out and how many named hosts were you running ? 1 you can make work . Many named hosts with some using SSL is the trick i want to pull off using only named based virtual hosts Edited June 7, 2005 by ddmcse Quote Link to comment Share on other sites More sharing options...
bunnadik Posted June 9, 2005 Author Report Share Posted June 9, 2005 and how many named hosts were you running ? 1 you can make work . I had two with SSL, although one wasn't used by anyone, and four non-SSL. I'm afraid I'll have to reinstall the server to get it to work. - Peder Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.