Re: New User: must be obvious question

Tue, 23 Oct 2001 12:54:53 -0700 

On Tue, Oct 23, 2001 at 11:42:15AM -0700, ComCity wrote:
> 
> --Heres what I found.
> I did a httpd -DSSL -t
> and it just said
> Syntax OK
> 
> whereas the httpd -t gives the same previous error complaining about line
> 1158

if I'm reading the apachectl startup script correctly, the "restart" is
not meant to work to with SSL -- or, put differently, it simply does not
handle the option -DSSL.  It does not take into consideration whether
apache had been started in SSL mode previously (in which case it would
have to add "-DSSL" in some places when doing the restart...)

It seems that you've got a <IfDefine SSL> around the directives that
load the module mod_ssl. In this case, not having "-DSSL" specified
would explain what you are observing.

(Maybe we should also have a "restartssl" (or similar), or save the current
SSL/non-SSL mode in some file, analogously to the PID-file...?)

As a temporary workaround you might want to patch apachectl by adding
another slightly modified restart section:
(for example in between "restart" and "graceful")


    restartssl)
        if [ $RUNNING -eq 0 ]; then
            echo "$0 $ARG: httpd not running, trying to start"
            if $HTTPD -DSSL; then
# added this ---------^
                echo "$0 $ARG: httpd started"
            else
                echo "$0 $ARG: httpd could not be started"
                ERROR=5
            fi
        else
            if $HTTPD -DSSL -t >/dev/null 2>&1; then
# added this ---------^
                if kill -HUP $PID ; then
                    echo "$0 $ARG: httpd restarted"
                else
                    echo "$0 $ARG: httpd could not be restarted"
                    ERROR=6
                fi
            else
                echo "$0 $ARG: configuration broken, ignoring restart"
                echo "$0 $ARG: (run 'apachectl configtest' for details)"
                ERROR=6
            fi
        fi
        ;;

I guess, this should have the desired effect, haven't tried it, though.
I'm not 100% sure whether there are interactions with having mod_ssl
loaded, and apache's handling of the -HUP signal -- although I wouldn't
know of a reason why...

Cheers

-- 
Erdmut Pfeifer
science+computing ag

-- Bugs come in through open windows. Keep Windows shut! --
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]

Reply via email to