Tomcat fails to start with libssl.so.1.0.0

Keywords: Jenkins - AWS - Technical issue - Secure Connections (SSL/HTTPS)
Description:
My bitnami AMI has the following issue when starting the app:

sudo /opt/bitnami/ctlscript.sh restart

httpd.bin: Syntax error on line 539 of /opt/bitnami/apache2/conf/httpd.conf: Syntax error on line 32 of /opt/bitnami/apache2/conf/bitnami/bitnami.conf: Cannot load modules/mod_ssl.so into server: /opt/bitnami/common/lib/libssl.so.1.0.0: undefined symbol: X509_chain_up_ref

relavent apache lines:

<IfModule !ssl_module>
LoadModule ssl_module modules/mod_ssl.so

I have found no other cases of this via googling. My system is as up to date as it can be and the so file lives in the correct place with the correct permission. bncert-tool also fails at this step.

Hi @somerando,

We have a Support Tool that will gather relevant information for us to analyze your configuration and logs. Could you please download and execute it on the machine where the stack is running by following the steps described in the guide below?

How to Run the Bitnami Support Tool

Please note that you need to paste the code ID that is shown at the end.

Hi Jota. I have tried this but the tool timesout trying to upload the data and does not complete. I got apache starting by changing the TLS config options with “SSLProtocol -all +TLSv1.1 +TLSv1.2” but now tomcat does not start. When I run

bitnami:/opt/bitnami$ sudo ./ctlscript.sh start
Using CATALINA_BASE:   /opt/bitnami/apache-tomcat
Using CATALINA_HOME:   /opt/bitnami/apache-tomcat
Using CATALINA_TMPDIR: /opt/bitnami/apache-tomcat/temp
Using JRE_HOME:        /opt/bitnami/java
Using CLASSPATH:       /opt/bitnami/apache-tomcat/bin/bootstrap.jar:/opt/bitnami/apache-tomcat/bin/tomcat-juli.jar
Using CATALINA_PID:    /opt/bitnami/apache-tomcat/temp/catalina.pid
Tomcat started.
/opt/bitnami/apache-tomcat/scripts/ctl.sh : tomcat started
httpd.bin: Syntax error on line 133 of /opt/bitnami/apache2/conf/httpd.conf: Cannot load modules/mod_ssl.so into server: /opt/bitnami/common/lib/libssl.so.1.0.0: undefined symbol: X509_chain_up_ref
apache config test fails, aborting

bitnami:/opt/bitnami$ sudo ./ctlscript.sh status
apache already running
tomcat not running

I have been trying every possible way to start tomcat manual to no avail. There is also no information in the logs about the problem despite using FINE logging for tomcat.

Finally found the tomcat issue:

/opt/bitnami/java/bin/java: symbol lookup error: /opt/bitnami/common/lib/libssl.so.1.0.0: undefined symbol: EVP_aes_128_cbc_hmac_sha256

I moved /opt/bitnami/common/lib/libssl.so.1.0.0 to a new directory and I was able to start jenkins. Unbelievable!

Hi @somerando,

Can you give us more information about what did you do to fix your issue? Can you try to run the bnsupport tool again so we can check your log files and configuration?

Regards,
Gonzalo

Unfortunately the tool is not uploading to your servers so I can’t do that. I literally just moved the libssl.so.1.0.0 file to bitnami home and it started up fine. My guess is that this works because jenkins is not using ssl for its connection to upstream server on 127.0.0.1.

This is really weird @somerando. I launched the latest Bitnami Jenkins stack and didn’t find that error. Apart from that, the latest release includes the version 1.1 of the library and not the 1.0 one

/opt/bitnami/common/lib/libssl.so.1.1

Could you please let us know the Bitnami Jenkins stack version you have?

Thanks

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.