Mmmm, OK; so a little further on I think....
I also increased the server's Apache error logging to debug and re-ran the process of adding a new external tool.... Lots more error logs this time but it included some strange logs around a custom block we had installed called block_gcsepod that was giving warnings about using an empty initialization vector and being referred by the /mod/lti/contentitem_return.php script... See logs below:
I also increased the server's Apache error logging to debug and re-ran the process of adding a new external tool.... Lots more error logs this time but it included some strange logs around a custom block we had installed called block_gcsepod that was giving warnings about using an empty initialization vector and being referred by the /mod/lti/contentitem_return.php script... See logs below:
[Mon May 03 11:57:16.467792 2021] [authz_core:debug] [pid 11204] mod_authz_core.c(809): [client 10.0.96.200:54281] AH01626: authorization result of : granted, referer: https://vle.queenmargarets.com/mod/lti/contentitem_return.php?course=872&id=3&sesskey=XXXXXXXX [Mon May 03 11:57:16.486028 2021] [php7:warn] [pid 11204] [client 10.0.96.200:54281] PHP Warning: openssl_encrypt(): Using an empty Initialization Vector (iv) is potentially insecure and not recommended in /var/www/virt-hosts/vle.queenmargarets.com/htdocs/blocks/gcsepod/block_gcsepod.php on line 84, referer: https://vle.queenmargarets.com/mod/lti/contentitem_return.php?course=872&id=3&sesskey=XXXXXXXX [Mon May 03 11:57:16.486102 2021] [php7:warn] [pid 11204] [client 10.0.96.200:54281] PHP Warning: Creating default object from empty value in /var/www/virt-hosts/vle.queenmargarets.com/htdocs/blocks/gcsepod/block_gcsepod.php on line 90, referer: https://vle.queenmargarets.com/mod/lti/contentitem_return.php?course=872&id=3&sesskey=XXXXXXXX [Mon May 03 11:57:16.486128 2021] [php7:warn] [pid 11204] [client 10.0.96.200:54281] PHP Warning: openssl_encrypt(): Using an empty Initialization Vector (iv) is potentially insecure and not recommended in /var/www/virt-hosts/vle.queenmargarets.com/htdocs/blocks/gcsepod/block_gcsepod.php on line 84, referer: https://vle.queenmargarets.com/mod/lti/contentitem_return.php?course=872&id=3&sesskey=XXXXXXXX [Mon May 03 11:57:16.578607 2021] [deflate:debug] [pid 11204] mod_deflate.c(854): [client 10.0.96.200:54281] AH01384: Zlib: Compressed 230045 to 26573 : URL /my/index.php, referer: https://vle.queenmargarets.com/mod/lti/contentitem_return.php?course=872&id=3&sesskey=XXXXXXXX [Mon May 03 11:57:16.835053 2021] [ssl:debug] [pid 11204] ssl_engine_kernel.c(383): [client 10.0.96.200:54281] AH02034: Subsequent (No.3) HTTPS request received for child 0 (server vle.queenmargarets.com:443), referer: https://vle.queenmargarets.com/my/
So I have disabled the gcsepod block and it appears as if the LTI is all working as expected.
I will continue testing it and see if I can contact the custom block developers for a fix...
Jon