10.3.1 - [error] unusably short session_id provided (0 bytes)

[fearz]

Since i updated to 10.3.1 i'm getting these in

/var/log/httpd/error_log

[Sun Jul 31 13:20:04 2011] [error] unusably short session_id provided (0 bytes)
[Sun Jul 31 13:20:04 2011] [error] unusably short session_id provided (0 bytes)
[Sun Jul 31 13:20:04 2011] [error] unusably short session_id provided (0 bytes)
[Sun Jul 31 13:20:04 2011] [error] unusably short session_id provided (0 bytes)
[Sun Jul 31 13:20:05 2011] [error] unusably short session_id provided (0 bytes)
[Sun Jul 31 13:20:05 2011] [error] unusably short session_id provided (0 bytes)
[Sun Jul 31 13:20:05 2011] [error] unusably short session_id provided (0 bytes)
[Sun Jul 31 13:20:06 2011] [error] unusably short session_id provided (0 bytes)

and many more...please advise

 

[Kirill K]

fearz, it looks like problems with openssl. What OS do you use?

 

[fearz]

Centos OS 5, I only received those since I updated to 10.3.1

 

[fearz]

Any support is highly appreciated please..

 

[fearz]

Igor? Please support..

 

[IgorG]

How it is affect you?
As far as I remember it is a known problem in openssl-0.9.8f, and you can update to openssl-0.9.8g to fix it.

 

[fearz]

I am not noticing what is it affecting, but since i updated to 10.3.1 i received those errors...I believe i don't even have any updates available for openssl, so i think it is the latest version..any other alternatives?

 

[fearz]

Igor, i am worried about updating OpenSSL while i'm using Plesk...any recommendations on a correct process on how to do so?

 

[IgorG]

openssl is package from OS vendor repository. It is not Plesk package. Check your current version and check if update is available on vendor's repository.

 

[fearz]

i have version "e" but if you say so, then you also need to check plesk because openssl was not upgraded and there were no errors until i updated your control panel.

 

[fearz]

I upgraded to openssl-0.9.8g - Same issue! So i don't think it's related to openssl as much as it is caused by Plesk! since openssl was NOT touched...

Are you guys ever going to admit that there is a problem and try to fix?

 

[Loup Artic]

Same problem.

New install CentOS 5.6, Plesk 10.3.1.
Repository atomic and rpmforge.

[Tue Aug 30 13:10:15 2011] [notice] Apache/2.2.19 (Unix) DAV/2 mod_fcgid/2.3.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.19 OpenSSL/0.9.8f mod_perl/2.0.4 Perl/v5.8.8 configured -- resuming normal operations
[Tue Aug 30 13:12:22 2011] [error] unusably short session_id provided (0 bytes)


Apache -> OpenSSL/0.9.8f
But, Package openssl-0.9.8e-12.el5_5.7.x86_64 already installed and latest version

I need rebuild Apache ?

 

[SacAutos]

Let me too throw my hat in the ring

Centos 5.6, Plesk 10.3.1 plus PHP 5.3 module. Happening to a website that I migrated over from another server where it was working fine...

 

[SacAutos]

I figured this one out

Kinda strange but it worked. I went to the IP address admin panel. I picked the IP address of the domain having problems. For the default domain, (which was selected as none) I picked my ecommerce site. After I did that, everything started working properly.

 

[ThomasR]

Kinda strange but it worked. I went to the IP address admin panel. I picked the IP address of the domain having problems. For the default domain, (which was selected as none) I picked my ecommerce site. After I did that, everything started working properly.

We experience the same problems with a one domain setup (dedicated IP address) for which we have a valid SSL certificate. Logs have an error every 10 minutes:

[Fri Nov 25 08:13:45 2011] [error] unusably short session_id provided (0 bytes)
[Fri Nov 25 08:21:21 2011] [error] unusably short session_id provided (0 bytes)
[Fri Nov 25 08:31:21 2011] [error] unusably short session_id provided (0 bytes)
[Fri Nov 25 08:41:30 2011] [error] unusably short session_id provided (0 bytes)
[Fri Nov 25 08:51:28 2011] [error] unusably short session_id provided (0 bytes)
[Fri Nov 25 09:01:18 2011] [error] unusably short session_id provided (0 bytes)
[Fri Nov 25 09:11:22 2011] [error] unusably short session_id provided (0 bytes)
[Fri Nov 25 09:21:21 2011] [error] unusably short session_id provided (0 bytes)
[Fri Nov 25 09:31:54 2011] [error] unusably short session_id provided (0 bytes)
[Fri Nov 25 09:41:22 2011] [error] unusably short session_id provided (0 bytes)

The "default site" for the IP address/SSL Certificate is set to de domain for which the certificate is valid. If we set the "default site" to none, our certificate is being refused in Internet Explorer. Both with the "default site" set at "none" or at "mydomain.tld" the error occurs.

How can this be fixed?

Server and product details:
° Product: Plesk 10.3.1
° Operating system: CentOS release 5.7 (Final)
° Architecture: x86_64
° Kernel version 2.6.18-028stab089.1
° OpenSSL version: openssl-0.9.8e-20.el5

 

[ThomasR]

Any update concerning this issue? In the meanwhile we use Plesk 10.4.4 (MU 15), but the error still occurs.