1

To start with I'm not familiar with web-page hosting Apache/tomcat. I recently updated a private web-server in what may have been the first time in a long time using yum, and now the website is not working. I can go to the https://$server/ page and I get the normal page saying it will redirect to another page, or click to redirect. This brings me to a https://$server//iweb/servlet/menu?opt=menu page with a 503 error. This use to be a page with a log-in prompt.

My current assumption is that the java servlet hasn't started. I haven't found any blogs that could help me, but that could be due to my unfamiliarity with the server and web-server architecture in general. Any next steps in getting the menue page working, even just pointing to the correct logs to review, would he helpful.

http -v

Server version: Apache/2.2.3
Server built:   Jul 18 2016 10:45:28
Server's Module Magic Number: 20051115:3
Server loaded:  APR 1.2.7, APR-Util 1.2.7
Compiled using: APR 1.2.7, APR-Util 1.2.7
Architecture:   64-bit
Server MPM:     Prefork
  threaded:     no
    forked:     yes (variable process count)
Server compiled with....
 -D APACHE_MPM_DIR="server/mpm/prefork"
 -D APR_HAS_SENDFILE
 -D APR_HAS_MMAP
 -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
 -D APR_USE_SYSVSEM_SERIALIZE
 -D APR_USE_PTHREAD_SERIALIZE
 -D APR_HAS_OTHER_CHILD
 -D AP_HAVE_RELIABLE_PIPED_LOGS
 -D DYNAMIC_MODULE_LIMIT=128
 -D HTTPD_ROOT="/etc/httpd"
 -D SUEXEC_BIN="/usr/sbin/suexec"
 -D DEFAULT_PIDLOG="run/httpd.pid"
 -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
 -D DEFAULT_LOCKFILE="logs/accept.lock"
 -D DEFAULT_ERRORLOG="logs/error_log"
 -D AP_TYPES_CONFIG_FILE="conf/mime.types"
 -D SERVER_CONFIG_FILE="conf/httpd.conf"

Log from last healthy boot using 2.2.22

32 [Wed Apr 29 13:27:28 2020] [notice] caught SIGTERM, shutting down
 33 Attempt to free unreferenced scalar: SV 0x1a9ba058 during global destruction.
 34 [Wed Apr 29 14:41:22 2020] [info] Init: Seeding PRNG with 256 bytes of entropy
 35 [Wed Apr 29 14:41:22 2020] [info] Init: Generating temporary RSA private keys (512/1024 bits)
 36 [Wed Apr 29 14:41:22 2020] [info] Init: Generating temporary DH parameters (512/1024 bits)
 37 [Wed Apr 29 14:41:22 2020] [info] Init: Initializing (virtual) servers for SSL
 38 [Wed Apr 29 14:41:22 2020] [info] mod_ssl/2.2.22 compiled against Server: Apache/2.2.22, Library: OpenSSL/0.9.8t
 39 Attempt to free unreferenced scalar: SV 0x9f504c8 during global destruction.
 40 [Wed Apr 29 14:41:22 2020] [info] Init: Seeding PRNG with 256 bytes of entropy
 41 [Wed Apr 29 14:41:22 2020] [info] Init: Generating temporary RSA private keys (512/1024 bits)
 42 [Wed Apr 29 14:41:22 2020] [info] Init: Generating temporary DH parameters (512/1024 bits)
 43 [Wed Apr 29 14:41:22 2020] [debug] ssl_scache_shmcb.c(253): shmcb_init allocated 512000 bytes of shared memory
 44 [Wed Apr 29 14:41:22 2020] [debug] ssl_scache_shmcb.c(272): for 511920 bytes (512000 including header), recommending 32 subcaches, 133 indexes each
 45 [Wed Apr 29 14:41:22 2020] [debug] ssl_scache_shmcb.c(306): shmcb_init_memory choices follow
 46 [Wed Apr 29 14:41:22 2020] [debug] ssl_scache_shmcb.c(308): subcache_num = 32
 47 [Wed Apr 29 14:41:22 2020] [debug] ssl_scache_shmcb.c(310): subcache_size = 15992
 48 [Wed Apr 29 14:41:22 2020] [debug] ssl_scache_shmcb.c(312): subcache_data_offset = 3208
 49 [Wed Apr 29 14:41:22 2020] [debug] ssl_scache_shmcb.c(314): subcache_data_size = 12784
 50 [Wed Apr 29 14:41:22 2020] [debug] ssl_scache_shmcb.c(316): index_num = 133
 51 [Wed Apr 29 14:41:22 2020] [info] Shared memory session cache initialised
 52 [Wed Apr 29 14:41:22 2020] [info] Init: Initializing (virtual) servers for SSL
 53 [Wed Apr 29 14:41:22 2020] [info] mod_ssl/2.2.22 compiled against Server: Apache/2.2.22, Library: OpenSSL/0.9.8t
 54 [Wed Apr 29 14:41:23 2020] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads.
 55 [Wed Apr 29 14:41:23 2020] [notice] Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/0.9.8w mod_jk/1.2.31 PHP/5.3.10 mod_python/3.2.8 Python/2.4.3 mod_perl/2.0.5 Perl/v5.14.2 configured -- resuming normal operations
 56 [Wed Apr 29 14:41:23 2020] [info] Server built: Feb 20 2012 20:30:18
 57 [Wed Apr 29 14:41:23 2020] [debug] prefork.c(1023): AcceptMutex: sysvsem (default: sysvsem)

Log from the most recent reboot using 2.2.3

 96 [Thu Apr 30 07:30:24 2020] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
 97 [Thu Apr 30 07:30:24 2020] [notice] SSL FIPS mode disabled
 98 [Thu Apr 30 07:30:24 2020] [warn] module rewrite_module is already loaded, skipping
 99 [Thu Apr 30 07:30:24 2020] [notice] Digest: generating secret for digest authentication ...
100 [Thu Apr 30 07:30:24 2020] [notice] Digest: done
101 [Thu Apr 30 07:30:24 2020] [notice] SSL FIPS mode disabled
102 [Thu Apr 30 07:30:24 2020] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads.
103 [Thu Apr 30 07:30:25 2020] [notice] Apache/2.2.3 (CentOS) configured -- resuming normal operations

After the update from 2.2.22 to 2.2.3 I made the following changes to get the httpd service to start

  • remap /etc/httpd/modulas to /usr/lib64/httpd/modules
  • remap /ect/http/logs to /usr/lib64/https/logs
  • edit /etc/httpd/conf.d/certs.conf to include LoadModule ssl_module & Listen 443
  • edit /etc/httpd/conf.d/ssl.conf to remove Listen 443
  • remap /etc/httpd/run to /var/run

UPDATE 1 Left out of the original post I also modified the server.xml to remove the "Ghostcat" (CVE-2020-1938) vulnerability <!--<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />-->

I also found that the servilet is running, but you need to go to the tomcat 8080 port server:8080/iweb/servlet/menu?opt=menu

RunThor
  • 197
  • 2
  • 11
  • Do you have both Apache tomcat and httpd, and httpd is proxy in front of the tomcat? `rewrite_module` is mentioned in log. What is your configuration regarding redirecting/proxying? I noticed double slash in `https://$server//iweb/ser...`, error in editing or in configuration? CentOS 5 is OS? – dexter Apr 30 '20 at 21:06

0 Answers0