Hello all,
I'm seeing an odd issue on apache2 for Debian Sarge when using SSL (Server version: Apache/2.0.54, Server built: Sep 5 2005 11:11:08). I've got a Perl CGI that transfers user files from one server to another (using the webserver as the intermediary). The file sets can be quite large, and given environmental factors, network speeds between server can be quite slow.
SO... let's say I'm transferring 250MB of files from server A to server B. The Perl CGI will SCP the files from server A to the webserver, and when that transfer is finished, will SCP the files from the webserver to server B. However, there's a problem: after 15 minutes exactly, the web browser (be it Firefox, IE, or Opera) will stop "spinning" and, basically, sit idle; that is to say, the progress indicator hits 100% and the "globe" in the corner stops moving. In the meantime, the Perl CGI is still executing on the webserver; it will complete the transfers as if nothing were wrong.
At first I thought this was a server-specific issue, so I used apache2 in place of apache-ssl; unfortunately, the problem persists - after 15 minutes, the browser stops "spinning." Given that all browsers I've tried so far stop "spinning" at the exact same time, I'm disinclined to believe that this is a browser issue.
Again, this is only an issue when using SSL. Turn off SSL and the CGI runs to completion.
In apache2.conf, I've made the following change:
Timeout 3600
My SSL configuration:
<IfModule mod_ssl.c>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCache dbm:/var/run/apache2/ssl_scache
SSLSessionCacheTimeout 300
SSLMutex file:/var/run/apache2/ssl_mutex
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
</IfModule>
The relevant part of my vhost configuration:
NameVirtualHost *
<VirtualHost *>
ServerAdmin rpunt@xxxxxxxxxxxx
ServerName debianaptmirror.corp.good-sam.com
DocumentRoot /var/wwws/
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/wwws/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin-apache2/
<Directory "/usr/lib/cgi-bin-apache2">
AllowOverride None
# Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
Options None
Order allow,deny
Allow from 172.16.104.0/23 172.16.102.0/23
</Directory>
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/access.log combined
ServerSignature On
SSLEngine on
SSLCertificateFile /etc/apache-ssl/ssl/usermods.cert
SSLCertificateKeyFile /etc/apache-ssl/ssl/usermods.key
</VirtualHost>
Has anyone ever seen a situation similar to this?
Thanks,
Ryan
------------------------------------------------- This email transmission and any documents, files or previous email messages attached to it may contain information that is confidential or legally privileged. If you are not the intended recipient, you are hereby notified that any disclosure, copying, printing, distributing or use of this transmission is strictly prohibited. If you have received this transmission in error, please immediately notify the sender by telephone or return email and delete the original transmission and its attachments without reading or saving in any manner. The Evangelical Lutheran Good Samaritan Society. ---------------------------------------------------------
--------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|