Apache caching ldaprc/SSL settings?

by

I have an Apache, a ldaprc file fol TLS certificates and a PHP script for connection to an Active Directory server.

All settings from ldaprc are properly read by Apache when I start it. If I change something in ldaprc and restart Apache, settings are re-read as expected.

However, if I comment or delete a line in ldaprc, a line previously specifying a certificate, and restart Apache, my script continues to work and it should not. This is not a problem with the php script, because if I delete ldaprc and restart Apache, or modify the line with the certificate to point to an invalid certificate the script does not work.

My question is, does Apache have any SSL/TLS/Certificates caching mechanism or options?

My ldaprc:

TLS_REQCERT never
TLS_CACERT /x509/certs/ad.pem
TLS_CACERTDIR /x509/certs

Don’t be confused by the paths, this is a custom based Linux distribution.

Apache is:

[root@localhost]# /www/bin/httpd -v       
Server version: Apache/2.2.11 (Unix)
Server built:   Apr  5 2011 06:09:43

Answer

If you are not sure for a problem, you can use big guns – strace, tcpdump
For your case: you expect that apache has a cache that is preserved after restarts. This should be a file based cache. So look for all files opened by apache:

strace -f -e open apache

Attribution
Source : Link , Question Author : Patkos Csaba , Answer Author : Mircea Vutcovici

Leave a Comment