Apache 1.3.33 with mod_ssl Apache 2.0.52 --with-ssl Symptom: The dbm file that is configured with the SSLSessionCache directive suddenly starts to grow exponentially and finally reaches up to 900 MB. At this state the parent process is still accepting new https/SSL requests and forks off children for each new one. But the SSL handshake never happens, and the children just keep hanging there, doing nothing. Finally the MAX_CLIENT limit is reached, and the server is dead for all practical purposes. We see this at different occasions, with all Apache versions. Case 1: We see a load peak (~8 SSL requests per second) over a period of about 1 hour, then the load decreases. About one hour after the peak when the load reaches about 5 requests/sec the file explodes and the server hangs. Case 2: Same as above, but time difference is about 2 hours. Case 3: A sudden surge of SSL requests (avg. ~0.6 requests/sec) to an otherwise idle server causes the same effect, the SessionCache file exploding (from ~100K during the day to finally 860 MB). Below is an example file size history, with snapshots being taken every minute. In this case there were two ssl request "waves", one from 22:02 to 22:06, the other one from 22:44 to ?? (server crashed at ~22:49) --- BEGIN HISTORY --- 22:02:38 110592 22:03:38 1451008 22:04:38 1451008 22:05:38 1451008 22:06:38 1451008 ... 22:43:38 1451008 22:44:38 1451008 22:45:38 54164480 22:46:38 54164480 22:47:38 77381632 22:48:38 861713408 -- END HISTORY --- regards /markus
Annotation: There is one difference between the setups of the two versions here: Apache 1.3.33 does BasicAuth, while Apache 2.0.52 does Client certificate validation. We've just finished testing against 1.3.33, and when turning off the BasicAuth, the problem does not occur, not even under high load (500 parallel sessions). /m
Please give the configuration for the SSL vhost.
Created attachment 14539 [details] httpd config file (main + vhost 2.0.52) The calls we see when the file explodes are to /some/WLSservice (see bottom of file) I've sanitized the file some and removed config details for a second vhost on the same box that runs on port 443. The vhost that keeps crashing (and for which we see the described behaviour in relation to the requests) runs on port 444.
This is probably the same as 25667. Use shmcb not dbm. *** This bug has been marked as a duplicate of 25667 ***