我花了几个小时试图将我的Apache服务器配置为使用没有公共IP的SSL,只使用localhost。我已经创建了证书OK,我认为(它就像是一个关于黑魔法的速成课程),当我尝试访问https://localhost时,浏览器会说“连接到localhost ......”状态行,但只是永远保持加载。以下是error_log的摘录:
[Fri Mar 27 22:03:39 2009] [info] Loading certificate & private key of SSL-aware server
[Fri Mar 27 22:03:39 2009] [info] Configuring server for SSL protocol
[Fri Mar 27 22:03:39 2009] [info] Loading certificate & private key of SSL-aware server
[Fri Mar 27 22:03:40 2009] [info] Configuring server for SSL protocol
那里的一切似乎都没问题,但同时在ssl_engine_log ......
[Fri Mar 27 22:03:39 2009] [info] Init: Initializing OpenSSL library
[Fri Mar 27 22:03:39 2009] [info] Init: Seeding PRNG with 136 bytes of entropy
[Fri Mar 27 22:03:39 2009] [info] Init: Generating temporary RSA private keys (512/1024 bits)
[Fri Mar 27 22:03:39 2009] [info] Init: Generating temporary DH parameters (512/1024 bits)
[Fri Mar 27 22:03:39 2009] [info] Init: Initializing (virtual) servers for SSL
[Fri Mar 27 22:03:39 2009] [info] mod_ssl/2.0.61 compiled against Server: Apache/2.0.61, Library: OpenSSL/0.9.7i
[Fri Mar 27 22:03:39 2009] [warn] module php5_module is already loaded, skipping
[Fri Mar 27 22:03:39 2009] [info] Init: Initializing OpenSSL library
[Fri Mar 27 22:03:39 2009] [info] Init: Seeding PRNG with 136 bytes of entropy[Fri Mar 27 22:03:39 2009] [info] Init: Generating temporary RSA private keys (512/1024 bits)
[Fri Mar 27 22:03:40 2009] [info] Init: Generating temporary DH parameters (512/1024 bits)
[Fri Mar 27 22:03:40 2009] [info] Init: Initializing (virtual) servers for SSL
[Fri Mar 27 22:03:40 2009] [info] mod_ssl/2.0.61 compiled against Server: Apache/2.0.61, Library: OpenSSL/0.9.7i
[Fri Mar 27 22:03:40 2009] [notice] Digest: generating secret for digest authentication ...
[Fri Mar 27 22:03:40 2009] [notice] Digest: done
[Fri Mar 27 22:03:40 2009] [notice] Apache/2.0.61 (Unix) mod_ssl/2.0.61 OpenSSL/0.9.7l DAV/2 PHP/5.2.5 configured -- resuming normal operations
[Fri Mar 27 22:03:40 2009] [info] Server built: Jan 17 2008 17:33:42
[Fri Mar 27 22:03:40 2009] [emerg] (13)Permission denied: apr_proc_mutex_lock failed. Attempting to shutdown process gracefully.
[Fri Mar 27 22:03:40 2009] [emerg] (13)Permission denied: apr_proc_mutex_lock failed. Attempting to shutdown process gracefully.
......更像是最后两行,直到我最终停止服务器......
[Fri Mar 27 22:03:43 2009] [info] removed PID file /usr/local/apache2/logs/httpd.pid (pid=8786)
[Fri Mar 27 22:03:43 2009] [notice] caught SIGTERM, shutting down
关于此permission denied的一些谷歌搜索和apr_proc_mutex_lock失败并没有产生任何有用的东西。只有一些与MPM和perchild选项相关的结果,但是因为它们已经过时(2002年和2003年)并且在阅读它们之后我真的无法得出任何结论,我问你是否有办法克服这个问题。那么,首先:究竟是什么问题?模块之间是否存在任何不兼容性?我是否必须重新编译某些内容(拜托,主啊,不是,不是)?
提前致谢。
答案 0 :(得分:4)
感谢你没有使用apache 1.3 - 让SSL运行起来更难!
mod_ssl需要对几个文件的写权限才能生效。查看this setting并确保apache对该文件所在的目录具有写访问权限。例如,如果说(例如):
SSLMutex file:/var/run/apache/ssl.mutex
您需要验证apache是否可以写入/var/run/apache。
几乎所有这些类型的错误通常都是文件系统上的某种权限错误。