apache ssl nightmare

2004 June 18 at 01:29 » Tagged as :

Just had a nightmare that involved apache. It all began when a new server was ordered to host Rad Upload. It was decided to move some of the other sites that are currently hosted on other machines onto this new server.

In hind sight the choice of apache version and the ssl patch chosen was where the mistake was made. The latest version of apache ssl available is 1.3.29 where as the latest version of apache is 1.3.31, thus 1.31 source tree was patched, compiled, installed and configured. And the server started up without any real problems.

Since DNS changes take around a day to propogate, we didn't have a chance to put the server through the acid test until our DNS servers started to reflect the changes. When it happened a few hours ago, to our utter dismay we found that the virtual hosting entries are not being correctly picked up. As a result three sites including the all important Saadhu.com were inaccessible. In fact for some users the site may have been inaccessible for over 24 hours. ouch.

No amount of juggling with the httpsd.conf file would work and in desparation I finally removed the ssl patch recompiled good old apache. After removing all the SSL specific instructions from the configuration files all the virtual hosts started up correctly. How is that for trouble with a capital T?