You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by ryan punt <rp...@good-sam.com> on 2006/03/06 19:06:09 UTC
[users@httpd] Perl CGI + SSL * 900 second timeout?
Hello all,
I'm seeing an odd issue on apache2 for Debian Sarge when using SSL (Server version: Apache/2.0.54, Server built: Sep 5 2005 11:11:08). I've got a Perl CGI that transfers user files from one server to another (using the webserver as the intermediary). The file sets can be quite large, and given environmental factors, network speeds between server can be quite slow.
SO... let's say I'm transferring 250MB of files from server A to server B. The Perl CGI will SCP the files from server A to the webserver, and when that transfer is finished, will SCP the files from the webserver to server B. However, there's a problem: after 15 minutes exactly, the web browser (be it Firefox, IE, or Opera) will stop "spinning" and, basically, sit idle; that is to say, the progress indicator hits 100% and the "globe" in the corner stops moving. In the meantime, the Perl CGI is still executing on the webserver; it will complete the transfers as if nothing were wrong.
At first I thought this was a server-specific issue, so I used apache2 in place of apache-ssl; unfortunately, the problem persists - after 15 minutes, the browser stops "spinning." Given that all browsers I've tried so far stop "spinning" at the exact same time, I'm disinclined to believe that this is a browser issue.
Again, this is only an issue when using SSL. Turn off SSL and the CGI runs to completion.
In apache2.conf, I've made the following change:
Timeout 3600
My SSL configuration:
<IfModule mod_ssl.c>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCache dbm:/var/run/apache2/ssl_scache
SSLSessionCacheTimeout 300
SSLMutex file:/var/run/apache2/ssl_mutex
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
</IfModule>
The relevant part of my vhost configuration:
NameVirtualHost *
<VirtualHost *>
ServerAdmin rpunt@good-sam.com
ServerName debianaptmirror.corp.good-sam.com
DocumentRoot /var/wwws/
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/wwws/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin-apache2/
<Directory "/usr/lib/cgi-bin-apache2">
AllowOverride None
# Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
Options None
Order allow,deny
Allow from 172.16.104.0/23 172.16.102.0/23
</Directory>
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/access.log combined
ServerSignature On
SSLEngine on
SSLCertificateFile /etc/apache-ssl/ssl/usermods.cert
SSLCertificateKeyFile /etc/apache-ssl/ssl/usermods.key
</VirtualHost>
Has anyone ever seen a situation similar to this?
Thanks,
Ryan