PQ77489: IHS MOD_PROXY TRIES TO OPEN SSL BACKEND WHEN ONLY HTTP:// RULES DEFINED. | |||||||||||||||||||||||||||||||||||||||||||||||||||
![]() |
|||||||||||||||||||||||||||||||||||||||||||||||||||
![]() APAR status Closed as program error. Error description Using any ssl causes mod_proxy to attempt to open ssl connection with the backend servers even if http:// is defined.Local fix Problem summary For each socket that is opened the SSL module is invoked in order to set up for SSL, if it is enabled. The need for SSL is determined by the configuration settings for the active 'server' ( VirtualHost ). The error here occurs when the proxy module opens a socket to the backend server. When this occurs, the SSL module is called to check if SSL should be used and based on the VirtualHost configuration it determines it is needed and attempts to initialize SSL. This fails because the SSL module is only capable of acting as an server in the SSL environment, not as a client. In other words, the SSL module can properly handle incoming connections using SSL but not outgoing connections, such as to a backend server when configured as a reverse proxy. Reverse Proxy using SSL is not supported in this version of the IBM HTTP Server.Problem conclusion The SSL module has been updated to allow interaction between the Proxy and SSL modules, which will allow the proxy module to 'turn off' SSL for backend connections.Temporary fix Comments
APAR is sysrouted FROM one or more of the following: APAR is sysrouted TO one or more of the following: Modules/Macros
Publications Referenced
|
Product categories: Software > Application Servers >
Distributed Application & Web Servers > IBM HTTP Server >
Runtime
Operating system(s):
Software version: 00A
Software edition:
Reference #: PQ77489
IBM Group: Software Group
Modified date: Oct 1, 2003
(C) Copyright IBM Corporation 2000, 2008. All Rights Reserved.