I am writing to report a persistent and critical issue with OpenLiteSpeed on my VPS. I am unable to configure OLS to correctly proxy PHP requests to a local Docker container, and all attempts result in a 503 Service Unavailable error. The evidence strongly suggests an internal issue with the OLS instance itself, possibly related to OpenSSL compatibility.
Current Setup & Status:
Docker Container:
A Docker container is running successfully via docker-compose.
It uses a php:8.2-fpm-alpine base image with all necessary PHP extensions (including mongodb) installed and enabled.
The container’s internal PHP-FPM process is listening on port 9000.
The host port 9000 is correctly mapped to the container’s port 9000. sudo ss -tulnp | grep 9000 confirms docker-proxy is listening on 127.0.0.1:9000.
The container logs (docker-compose logs app) show PHP-FPM is “ready to handle connections” but receives no traffic when the 503 error occurs.
OpenLiteSpeed Configuration (for vHost):
The vHost is configured to use an extprocessor of type fcgi pointing to 127.0.0.1:9000.
A scriptHandler is used to direct .php requests to this extprocessor.
The SCRIPT_FILENAME variable is being correctly passed via the env directive in the extprocessor block (env SCRIPT_FILENAME=/var/www/app/public_html/$SCRIPT_NAME).
The OLS configuration syntax is now correct and passes openlitespeed -t without parse errors related to this vHost’s proxy setup.
The Problem:
When accessing any PHP URL, the browser receives a 503 Service Unavailable error from OLS.
The OLS error log (/usr/local/lsws/logs/error.log) shows repeated low-level SSL and I/O errors when handling requests, such as:
[BIO] bio_fd_read: Read error: (11) Resource temporarily unavailable
[SSL: …] checkError returned 2, first error: error:00000000:invalid library (0):OPENSSL_internal:invalid library (0)
My Investigation Findings:
The system OpenSSL version is 3.0.2 (on Ubuntu 22.04).
A previous ldd check on /usr/local/lsws/bin/openlitespeed suggested it might not be correctly linked against the system’s libssl.so.3 and libcrypto.so.3.
The OLS/OpenSSL errors, combined with the fact that OLS is failing to connect to a perfectly valid and listening local backend, strongly indicate an incompatibility or a faulty build/link issue between your provided OpenLiteSpeed 1.8.3 and the system’s OpenSSL 3.0.2 library.
Request:
Could you please investigate this OpenSSL/OLS integration issue on my server? It seems to be the root cause of all proxy failures and is currently blocking all development.
Possible solutions might involve:
Verifying and correcting the linkage between OLS and the system’s OpenSSL libraries.
Reinstalling or upgrading the OpenLiteSpeed instance on my server to a version that is confirmed to be stable with OpenSSL 3.x on Ubuntu 22.04.
I am extremely concerned about the promise made by the CyberPanel team regarding the use of this type of Docker technology. Their platform apparently does NOT support Docker and maintains serious conflicts between OLS and OpenSSL that prevent this type of applications from working. The support team does not respond or closes tickets without giving an answer, which makes the resolution of this type of conflicts somewhat more difficult since I cannot intervene to solve this problem that apparently is rooted and is in the way in which CYberPanel was compiled or originally developed… It is something very serious, I feel that this platform is full of rivets, or is not well developed at all.
Thank you for your urgent attention to this server-level issue.
Regards,
Rhandus Malpica