LSWS 5.1.4 issues

[Hedloff]

Hello,

I have tested this version a couple of times now and have two issues so we had to use 5.0.15.

1. We have some customers using SSL and when using version 5.1.4 one of the website stopped working and gave error:
SSL_ERROR_RX_UNEXPECTED_NEW_SESSION_TICKET

2. The other issue we see in LiteSpeed Admin panel is this:
2016-04-04 08:47:37.416 ERROR OCSP_basic_verify() failed: error:27069076:OCSP routines:OCSP_basic_verify:signer certificate not found

We added a listener to fix it, but it came back again.
If you don't get others with the same issue I will try get more information in the logs about these issues.

 

[Long]

Thanks for the bug report.

The OCSP error message is normal, that's because 5.0.15 does not support OCSP stapling for Apache vhosts, 5.1 added that feature, and OCSP verification failed because missing signer certificate.
We will do some thing to avoid repeated ERROR log entries for the same certificate.

 

[Long]

About the SSL site issue, did you visit the site from Firefox? Can you try with Chrome?

 

[sahostking]

ok thanks for this - had to same issue on 5.1 with respect to oscp stapling. But atleast I know why it is showing up now. It was making me nuts

 

[mistwang]

1. We have some customers using SSL and when using version 5.1.4 one of the website stopped working and gave error:
SSL_ERROR_RX_UNEXPECTED_NEW_SESSION_TICKET

Did you configure SSL ticket related configurations under "tuning" tab, "SSL Global Settings" ?
Enable Session Tickets, SSL Session Ticket Lifetime, SSL Session Ticket Key File?

 

[Hedloff]

Hello,

Did upgrade to latest version 5.1.5 now.
Did enable session tickets, but still same errors. Multiple websites using SSL went down

 

[mistwang]

we need to reproduce this problem in our lab. can you give us more information about this?
Browser version? Litespeed SSL configuration, Apache's SSL configuration: SSL protocol, SSL ciphers?
Does it happen at the moment you switch to 5.1.5? or after a while?