Apache not responding after SSL handshake

Sometimes on my CentOS servers with Apache 2 + mod_ssl, Apache stops responding to requests made through HTTPS.
The SSL connection and handshake are successful (I tested it with openssl s_client), but Apache doesn’t send any data to the socket after I manually send an HTTP request.
At the same time, HTTP is working perfectly.
For instance, even a broken request with just “GET /” instantly throws a “400 Bad Request” error over HTTP whereas I don’t get any answer over SSL.

apache2ctl graceful doesn’t solve the problem, but apache2ctl restart does.
The number of open TCP connections to Apache is normal, CPU and memory are OK.
apache2ctl fullstatus shows a lot of “reading data” lines.

Any idea?

Solution:

If anyone has the same problem: I never had problems again after I configured Apache to use a single accesslog and errorlog file for all vhosts, instead of two logs per vhost. It seems that the large number of open log files (300+) made Apache unable to handle new connections through SSL.
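
One way to check the theory in the answer above on a running server, as an added example that is not part of the original post: count each Apache process's open file descriptors, compare them with its soft "Max open files" limit, and see how many of them are log files. It assumes Linux `/proc`, a process named `httpd`, that any descriptor whose target ends in `log` is a log file, and an 80% warning threshold; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: open file descriptors vs. the soft limit for one process.
# PROC_ROOT can be overridden to run the logic against a constructed tree.
PROC_ROOT="${PROC_ROOT:-/proc}"

# fd_usage PID -> prints "PID OPEN SOFT_LIMIT LOGFILES"
fd_usage() {
    pid="$1"
    dir="$PROC_ROOT/$pid"
    [ -d "$dir/fd" ] || return 1
    open=0
    logs=0
    for fd in "$dir"/fd/*; do
        # Sockets and pipes show up as dangling symlinks, so test -L as well.
        [ -e "$fd" ] || [ -L "$fd" ] || continue
        open=$((open + 1))
        target=$(readlink "$fd" 2>/dev/null) || continue
        case "$target" in
            *log) logs=$((logs + 1)) ;;   # heuristic: access_log, error.log, ...
        esac
    done
    soft=$(awk '/^Max open files/ {print $4}' "$dir/limits" 2>/dev/null) || soft=""
    echo "$pid $open ${soft:-unknown} $logs"
}

# fd_check PID [PCT] -> "WARN ..." when OPEN is at least PCT% of the soft limit
fd_check() {
    pct="${2:-80}"
    line=$(fd_usage "$1") || return 1
    set -- $line
    status=OK
    case "$3" in
        ''|*[!0-9]*) ;;   # "unlimited" or unknown: nothing to compare against
        *) [ $(($2 * 100)) -ge $(($3 * pct)) ] && status=WARN ;;
    esac
    echo "$status pid=$1 open=$2 limit=$3 logs=$4"
}

# Usage (as root, so other users' /proc/PID/fd is readable):
#   for p in $(pgrep -x httpd); do fd_check "$p"; done
```

A `WARN` line whose `logs` count makes up most of `open` points at the per-vhost log files rather than at client connections.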

Did you test your SSL cert installation to make sure it is correct? This is usually the cause of the majority of the errors.

Do you have a Firewall/IPS that is blocking it?

Try http://www.sslshopper.com/ssl-checker.html and see if it passes validation.
