Solaris 10/11 (SPARC) + Apache 2.4.18 + OpenSSL 1.0.2f; TLSv1+TLSv1.1+TLSv1.2 enabled. After updating openssl used by mod_ssl to 1.0.2f I found some strange errors in my error log: [2016-02-02 05:55:15.321420] [ssl:info] [pid 14344:tid 56] [C:AA+aphxlm2M] AH01992: SSL library error 1 reading data [2016-02-02 05:55:15.321547] [ssl:info] [pid 14344:tid 56] SSL Library Error: error:140C5042:SSL routines:ssl_undefined_function:called a function you should not call [2016-02-02 05:55:15.321613] [ssl:info] [pid 14344:tid 56] SSL Library Error: error:140C5042:SSL routines:ssl_undefined_function:called a function you should not call [2016-02-02 05:55:15.321672] [ssl:info] [pid 14344:tid 56] SSL Library Error: error:140C5042:SSL routines:ssl_undefined_function:called a function you should not call [2016-02-02 05:55:15.321736] [ssl:info] [pid 14344:tid 56] SSL Library Error: error:140C5042:SSL routines:ssl_undefined_function:called a function you should not call I tried to dig a bit deeper into this, looking for what caused this errors, and I found this commit in the OpenSSL: https://github.com/openssl/openssl/commit/f73c737c7ac908c5d6407c419769123392a3b0a9 Looks like this was the part causing problems: - if ((s != NULL) && !SSL_in_init(s)) - return (s->method->ssl_shutdown(s)); - else - return (1); + return s->method->ssl_shutdown(s); I rebuilt 1.0.2f adding this checks back in ssl_lib.c, and the errors is no longer appearing. Looks like the code triggering this errors is in mod_ssl/ssl_util_ssl.c (int modssl_smart_shutdown(SSL *ssl)). The errors appear in different conditions -- there may be some successfull requests served in keep-alive connection -- so no constant pattern here, unfortunately. I don't really know how this happens, since I was unable to reproduce such errors in testing environments, and I'm not sure whether it is a bug in Apache or in OpenSSL.
Fixed in OpenSSL in commit https://github.com/openssl/openssl/commit/64193c8218540499984cd63cda41f3cd491f3f59