Ubuntu
apache2 package

unknown protocol speaking not SSL to HTTPS port on apache2 reload/restart

Bug #795315 reported by Forest on 2011-06-10

10

This bug affects 1 person

Affects

Status

Importance

Assigned to

Milestone

apache2 (Ubuntu)

Triaged

Low

Unassigned

You need to log in to change this bug's status.

Affecting:	apache2 (Ubuntu)
Filed here by:	Forest
When:	2011-06-10
Confirmed:	2011-06-23

Target

Distribution
Package	(Find…)
Project	(Find…)

Status	Importance
	Low

Assigned to

	Nobody
	Me

Comment on this change (optional)

Email me about changes to this bug report

(?)

Bug Description

Binary package hint: apache2

After enabling ssl on my apache2 installation, doing an apache2 reload or restart produces messages like this in the error log:

SSL Library Error: 336027900 error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol speaking not SSL to HTTPS port!?

These are explained here:

http://wiki.apache.org/httpd/InternalDummyConnection#SSL_Considerations

Simply reordering the Listen directives in /etc/apache2/ports.conf solves the problem. I'm attaching a patch.

Tags: Edit Tag help

Revision history for this message

Forest (foresto) wrote on 2011-06-10:

#1

put-listen-80-last.patch Edit (678 bytes, text/plain)

Brian Murray (brian-murray) on 2011-06-10

tags:

added: patch

Revision history for this message

Dave Walker (davewalker) wrote on 2011-06-21:

#2

Thanks for reporting this issue and attaching a patch! I'd like to clarify which release you are seeing this behaviour on, as my understanding of upstream is that it was resolved in their trunk ~2 years ago. I would have expected this to be fixed in a later release of ubuntu when the upstream fix reached us.

However, if this is not the case - we need to investigate further. Marking Incomplete pending clarification where this behaviour is being witnessed.

Thanks!

Changed in apache2 (Ubuntu):
status:	New → Incomplete

Revision history for this message

Forest (foresto) wrote on 2011-06-21:

#3

This was seen on Ubuntu Maverick just a week or two ago.

Changed in apache2 (Ubuntu):
status:	Incomplete → New

Revision history for this message

Scott Moser (smoser) wrote on 2011-06-23:

#4

I'm marking this triaged, It seems like:
a.) it could easily be fixed in ubuntu
b.) it is very low priority
c.) Per apache svn 2.3.1 [1], this is fixed in releases 2.3.1 and newer. Ubuntu [2] is at 2.2.19. It might make more sense to cherry pick the upstream commit if possible [3]
d.) we'd like to forward it to debian.

--
[1] http://svn.apache.org/viewvc?view=revision&revision=726065
[2] https://launchpad.net/ubuntu/+source/apache2
[3] http://svn.apache.org/viewvc/httpd/httpd/trunk/server/mpm_common.c?r1=722399&r2=726065&pathrev=726065

Changed in apache2 (Ubuntu):
importance:	Undecided → Low
status:	New → Triaged

Revision history for this message

Scott Moser (smoser) wrote on 2011-06-23:

#5

suggested debdiff Edit (3.6 KiB, text/plain)

Heres a debdiff that we could apply to oneiric to cherry pick the SVN commit from apache.
I've also just now pushed this to my ppa (https://launchpad.net/~smoser/+archive/ppa), so a build will appear there later.

It would be great if you can verify if that fixes the warning. I just ran out of time to do so.

Revision history for this message

Scott Moser (smoser) wrote on 2011-06-24:

#6

@Forest,
Could you verify if the debdiff/ppa build fix the issue for you?
You can re-build for your release, or use a vm , or test on EC2 or Eucalyptus Community Cloud (http://open.eucalyptus.com/CommunityCloud#Signup).

Report a bug

This report contains Public information Edit

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Patches

Add patch