Version mismatch troubleshooting – CentOS, EC2, php, php-pdo – SSL disabled

tedneigerux asked:

On my production server SSL has stopped working. Everything redirects to http:// from https://

The server is a virtual EC2 instance running in AWS. It’s their image running CENTOS and PHP5.3, connecting to mysql.

Previously SSL was working perfectly, leading me to believe my CERT files and httpd.conf file is correct.

UPDATE 20 FEB

I’ve eliminated the other error log messages and discovered another two that seem relevant.
From SSL_ERROR_LOG
[Wed Feb 20 04:01:02 2013] [warn] RSA server certificate CommonName (CN) ip-10-204-201-62 does NOT match server name!?
From apache ERROR_LOG
[Tue Feb 19 16:01:02 2013] [notice] SSL FIPS mode disabled

Below is my httpd.conf entries:
<VirtualHost *:80>
ServerAdmin account@domain.com
DocumentRoot /var/www/html/domain-com
ServerName www.domain.com
</VirtualHost>

NameVirtualHost *:443

<VirtualHost *:443>
ServerName www.domain.com
DocumentRoot /var/www/html/domain-com
SSLENGINE on
SSLCertificatekeyFile /etc/httpd/keys/private.key
SSLCertificateFile /etc/httpd/crts/public.crt
SSLCertificateChainFile /etc/httpd/crts/intermediate.crt
</VirtualHost>

INITIAL PASTE
There is an error in my apache logs:
/etc/httpd/logs/error_log
[Tue Feb 19 16:01:02 2013] [notice] Digest: generating secret for digest authentication ...
[Tue Feb 19 16:01:02 2013] [notice] Digest: done
PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/pdo_dblib.so' - /usr/lib64/php/modules/pdo_dblib.so: undefined symbol: php_pdo_register_driver in Unknown on line 0
[Tue Feb 19 16:01:02 2013] [notice] SSL FIPS mode disabled
[Tue Feb 19 16:01:02 2013] [notice] Apache/2.2.23 (Unix) DAV/2 PHP/5.3.20 mod_ssl/2.2.23 OpenSSL/1.0.0j-fips configured -- resuming normal operations

Googling shows that this error is often caused by version mismatches.
$ php -v
PHP 5.3.20 (cli) (built: Jan 2 2013 18:43:35)
Copyright (c) 1997-2012 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2012 Zend Technologies
with the ionCube PHP Loader v4.2.1, Copyright (c) 2002-2012, by ionCube Ltd., and
with Xdebug v2.2.1, Copyright (c) 2002-2012, by Derick Rethans

Unfortunately I don’t have the experience to determine exactly which version of which package might be mismatched if that is, in fact, the issue.

My answer:


Your <VirtualHost> entries don’t contain any redirects, so the redirect must be originating elsewhere. Check the web application and configure it appropriately. Also check any other parts of your setup, such as a load balancer or reverse proxy which you forgot to mention.

(The fact that PHP is unable to load a module isn’t relevant to the redirection problem.)


View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.