subversion-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nico Kadel-Garcia <nka...@gmail.com>
Subject Re: Bus Error - core dumped [Apache not starting with SSL enabled]
Date Sun, 02 Nov 2014 12:57:14 GMT
Oy vey! Couple of things. From your use of "/usr/local/apache_ssl" and
similar directory targets, it looks like you built your own Apache
yourself. Don't do that if you can avoid it, hammering out the subtle
configuration details for things like a basic SSL setup is 20 times as
hard if you're doing it from scratch the first time and do a Google
search among the hundreds and thousands of entries, most of which will
be untested one-offs from people who've never really taken a good look
at the details. There are gems of advice out there, but you can save
*enormous* time by working from a standard, professional deployment
from someone with actual testing and QA being done.

If I run into one more person who insists that all software must be
built and installed from scratch, well, we're going to share some
harsh words. I do a *lot* of cross-porting and backporting, and it
gets very expensive very fast, and trying to outguess which particular
Google hit they worked from is a support nightmare.

For example: that vhosts file should probably actually say:

             <VirtualHost   *:443>

There is normally no reason to tie the virtual host to a specific IP
address, unless you're using multiple IP addresses on the same host to
split up numerous virtual hosts, and there have been long religious
arguments about that practice over the years of Apache's existence.

That said, segregate the problem from Subversion. Move aside what is
probably in a "subversion.conf" file and try restarting your httpd,
with SSL enabled and no trace of Subversion in the mix, If that works,
then let's look at your subversion.conf.

Also: the standard httpd.conf typically uses 'Include' in read files
like "subversion.conf" from a separate config directory. One trick I
use with the "ssl.conf" file in an RHEL or Fedora setup, is to use
this:

              Include conf.d/*.conf.ssl

And I drop services in *.conf.ssl files that should only be SSL
accessed, such as Subversion. If I have Subversion set up to be
accessed in  https://servername/svn/, similar to the default
Subversion package setup  on RHEL set up,, then I keep those disabled,
copy and edit over to an svn.conf.ssl file, and drop an a
/var/www/html/svn/index.html file with a refresh directive to point to
the HTTPS enabled service. See this page for an explanation of that
directive.

             http://www.w3.org/TR/html-markup/meta.http-equiv.refresh.html

On Sat, Nov 1, 2014 at 10:05 PM, Mohsin <mohsinchandia@gmail.com> wrote:
> Result of ./apachectl configtest is :
>
> Syntax OK
>
> Sir,
>
> Main issue which i am facing is when i define SSL virtual host in
> httpd-vhosts.conf file. certificate files are not being loaded properly by
> apache HTTP . When i define SSL virtual host apache won't start give Bus
> Error - core dumped error.
>
>  httpd-vhosts.conf :
>
> <VirtualHost   x.x.x.x:443>
> SSLEngine on
> SSLCertificateFile   /usr/local/apache_ssl/conf/server.crt
> SSLCertificateKeyFile   /usr/local/apache_ssl/conf/server.key
> DocumentRoot  /usr/local/apache_ssl/htdocs/
> <Directory  "/usr/local/apache_ssl/htdocs/" >
> Options Indexes Includes FollowSymLinks  SymLinksifOwnerMatch ExecCGI
> MultiViews
> AllowOverride None
> Order allow,deny
> Allow from all
> </Directory>
> ServerName   mohsin.ab.com
> </VirtualHost>
>
>
> httpd-ssl.conf :
>
> <IfDefine SSL>
> Listen 443
> AddType application/x-x509-ca-cert .crt
> AddType application/x-pkcs7-crl    .crl
> SSLPassPhraseDialog  builtin
> SSLSessionCache         "dbm:/usr/local/apache_ssl/logs/ssl_scache"
> SSLSessionCache        "shmcb:/usr/local/apache_ssl/logs/ssl_scache(512000)"
> SSLSessionCacheTimeout  300
>
> <VirtualHost x.x.x.x:443>
>
> #   General setup for the virtual host
> DocumentRoot "/usr/local/apache_ssl/htdocs/"
> ServerName mohsin.ab.com
> ErrorLog "/usr/local/apache_ssl/logs/error_log"
> SSLEngine on
> SSLProtocol -ALL +SSLv3 +TLSv1
> SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:!MEDIUM:!SSLv2
> SSLCertificateFile "/usr/local/apache_ssl/conf/server.crt"
> SSLCertificateKeyFile "/usr/local/apache_ssl/conf/server.key"
> <FilesMatch "\.(cgi|shtml|phtml|php)$">
>     SSLOptions +StdEnvVars
> </FilesMatch>
> <Directory "/usr/local/apache_ssl/cgi-bin">
>     SSLOptions +StdEnvVars
> </Directory>
> BrowserMatch "MSIE [2-5]" \
>          nokeepalive ssl-unclean-shutdown \
>          downgrade-1.0 force-response-1.
> CustomLog "/usr/local/apache_ssl/logs/ssl_request_log" \
>           "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
>
> </VirtualHost>
> </IfDefine>
>
>
>
>
>
>
> --
> View this message in context: http://subversion.1072662.n5.nabble.com/Bus-Error-core-dumped-Apache-not-starting-with-SSL-enabled-tp190773p190775.html
> Sent from the Subversion Users mailing list archive at Nabble.com.

Mime
View raw message