[OPEN-ILS-DEV] Errors in Apache's error log that suggest a subtle problem

Jeff Godin jeff at tcnet.org
Fri Apr 10 09:23:46 EDT 2009


On Thu, 9 Apr 2009, John Craig wrote:

> I'm seeing this odd chain of errors each time I go to the next title in
> a list, for instance:
>
> [Thu Apr 09 18:39:35 2009] [info] [client 127.0.0.1] Connection to child
> 4 established (server ubuntu.alphagconsulting.com:443)
> [Thu Apr 09 18:39:35 2009] [info] Seeding PRNG with 648 bytes of entropy
> [Thu Apr 09 18:39:35 2009] [info] [client 127.0.0.1] (os
> 0x2e5864f0)Unrecognized resolver error: SSL library error 1 in handshake
> (server ubuntu.alphagconsulting.com:443)
> [Thu Apr 09 18:39:35 2009] [info] SSL Library Error: 336027900
> error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
> speaking not SSL to HTTPS port!?
> [Thu Apr 09 18:39:35 2009] [info] [client 127.0.0.1] Connection closed to
> child 4 with abortive shutdown (server ubuntu.alphagconsulting.com:443)

This is a quirk of Apache. There's a workaround to eliminate all this
SSL-related noise in your error log.

Simplified: Apache connects to itself during the course of managing its
processes, and it doesn't know how to speak SSL to itself, and it doesn't
know to avoid SSL ports. Changing the order of your Listen directives so
that the last Listen is a non-SSL port eliminates the noise.

Some future version of Apache will avoid the SSL ports (if possible) by
default.

I went through this the other day, and updated the Apache wiki with some
details gleaned from bug reports.  See
http://wiki.apache.org/httpd/InternalDummyConnection

>
> Use of uninitialized value in join or string at
> /usr/local/share/perl/5.8.8/OpenSRF/Application.pm line 118.
> Use of uninitialized value in concatenation (.) or string at
> /openils/lib/perl5/OpenILS/Application/Search/Biblio.pm line 864.

I've no input on those warnings, sorry.

-jeff


More information about the Open-ils-dev mailing list