Kong reload error when using lua-openssl module ?


#1

I want to use ‘lua-openssl’ for openssl cms function

The lua-openssl version is openssl-scm-5.

Then lua-openssl ‘so’ file is ‘openssl_scm_5-openssl.so’, I use code below:

local cms = require(“openssl_scm_5-openssl”).cms

and cms works correctly. However when I reload kong with command ‘kong reload -c kong.conf’, there are some errors, the info is:

2018/12/18 21:33:53 [debug] 28600#0: [lua] client.lua:576: init(): [dns-client] emptyTtl = 1 s
2018/12/18 21:33:53 [notice] 28600#0: using the “epoll” event method
2018/12/18 21:33:53 [notice] 28600#0: start worker processes
2018/12/18 21:33:53 [notice] 28600#0: start worker process 28968
2018/12/18 21:33:53 [notice] 28600#0: start worker process 28969
2018/12/18 21:33:53 [notice] 28600#0: start worker process 28970
2018/12/18 21:33:53 [notice] 28600#0: start worker process 28971
2018/12/18 21:33:53 [notice] 28600#0: start worker process 28972
2018/12/18 21:33:53 [notice] 28600#0: start worker process 28973
2018/12/18 21:33:53 [emerg] 28968#0: SSL_CTX_new() failed (SSL: error:140A90F1:lib(20):func(169):reason(241))
2018/12/18 21:33:53 [emerg] 28969#0: SSL_CTX_new() failed (SSL: error:140A90F1:lib(20):func(169):reason(241))
2018/12/18 21:33:53 [emerg] 28970#0: SSL_CTX_new() failed (SSL: error:140A90F1:lib(20):func(169):reason(241))
2018/12/18 21:33:53 [emerg] 28971#0: SSL_CTX_new() failed (SSL: error:140A90F1:lib(20):func(169):reason(241))
2018/12/18 21:33:53 [emerg] 28972#0: SSL_CTX_new() failed (SSL: error:140A90F1:lib(20):func(169):reason(241))
2018/12/18 21:33:53 [emerg] 28973#0: SSL_CTX_new() failed (SSL: error:140A90F1:lib(20):func(169):reason(241))
2018/12/18 21:33:53 [notice] 28606#0: gracefully shutting down
2018/12/18 21:33:53 [debug] 28606#0: *2301 [lua] events.lua:192: do_event_json(): worker-events: handling event; source=resty-worker-events, event=stopping, pid=28606, data=nil
2018/12/18 21:33:53 [notice] 28606#0: exiting
2018/12/18 21:33:53 [notice] 28605#0: gracefully shutting down
2018/12/18 21:33:53 [debug] 28605#0: *2306 [lua] events.lua:192: do_event_json(): worker-events: handling event; source=resty-worker-events, event=stopping, pid=28606, data=nil
2018/12/18 21:33:53 [debug] 28605#0: *2306 [lua] events.lua:192: do_event_json(): worker-events: handling event; source=resty-worker-events, event=stopping, pid=28605, data=nil
2018/12/18 21:33:53 [notice] 28605#0: exiting
2018/12/18 21:33:53 [notice] 28604#0: gracefully shutting down
2018/12/18 21:33:53 [notice] 28603#0: gracefully shutting down

Why kong can start, stop but not reload, Is there any fixed solution?


#2

Here is the simplest customized nginx.conf to reproduce above problem.

init_by_lua_block {
require(“luarocks.loader”)
local cms = require(“openssl_scm_5-openssl”).cms
}

init_worker_by_lua_block {
– empty content
}

However, If I remove the 'init_worker_by_lua_block ', Kong or openresty can reload success.

Begging for help, Thanks!


#3

Hello @xliuqq,

It looks like a failure on loading some routine needed by kong in the openssl library. Could it be that you compiled lua-openssl against a different version than the one needed by kong?

Latest Kong should be using 1.1 .