intermittent Apache/OpenSSL error hangs server

Jerry Blasdel jblaz2019 at
Thu Jan 9 16:42:47 UTC 2020

Here is more information.  On the server that is having this issue, prior
to the FIPS_drbg_generate errors (these show up every time that worker pid
is selected to serve a request) we have a single OpenSSL error that shows
up in the logs.

SSL Library Error: error:2D06A07F: FIPS routines: FIPS_CHECK_EC:pairwise
test failed

Once we get that error, every time we try to serve a request in Apache
using that pid, it errors out.  So, it seems like something randomly
corrupts that PID.  Can someone provide some information about
FIPS_CHECK_EC: pairwise test failed.


On Tue, Jan 7, 2020 at 7:21 AM Jerry Blasdel <jblaz2019 at> wrote:

> I have several servers configured the same, running Apache
> 2.4X/OpenSSL1.02 fips-enabled.
> On one server we periodically get the following errors in the Apache logs:
> SSL Library Error: error:xxxxxx:FIPS_drbg_generate:selftest failed.  In
> some cases, the server continues to service requests, but in other cases
> the server hangs and will not process requests until the worker pid
> receiving the error is killed, or a kill -HUP is issues on the Apache root
> pid.
> I see someone else had a similar issue but I can't find any resolution.
> Other information...
> We have looked at the entropy on the server when it is working properly vs
> when it hangs and could not find any big differences.
> Also, SSLRandomSeed is configured for startup and connect in Apache.
> Any help would be appreciated.
> Thanks
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the openssl-users mailing list