HTTPS Connection Timeouts

HTTPS Connection Timeouts

am 10.04.2010 01:40:33 von Rick Cone

Hi,

We are using Apache server version 1.3.37 on Unix, and we occasionally get a
lot of https connections at the same time (or thereabouts) to some CGI's.
Some of these https connections are getting a timeout, and in particular, a
connection to a CGI that we use monitor things with to this site from
another site (done by us). We use cURL for this monitor, and it says "curl:
(28) SSL connection timeout". It is somewhat of a connection blast (https)
that happens here, I'm sure. I want to be able to better handle these
blasts. They certainly do not happen very often, but when they do I would
like to do whatever I can to better manage them. If it is as simple as
bumping up the Min/Max and Start Servers that would be great, but something
tells be it may be more of an volume issue with https/SSL.

Please advise what changes I can make to the Apache configuration (etc.).

In regards, I have my httpd.conf as:

Timeout 300
Timeout 300
MaxKeepAliveRequests 100
KeepAliveTimeout 15
MinSpareServers 15
MaxSpareServers 25
StartServers 15
MaxClients 150
MaxRequestsPerChild 0

A representative sampling of the ssl_engine_log log says:

[09/Apr/2010 11:37:16 13323] [info] Initial (No.1) HTTPS request received
for child 20 (server spaysys.com:443)
[09/Apr/2010 11:37:17 13323] [info] Subsequent (No.2) HTTPS request
received for child 20 (server spaysys.com:443)
[09/Apr/2010 11:37:17 13323] [info] Subsequent (No.3) HTTPS request
received for child 20 (server spaysys.com:443)
[09/Apr/2010 11:37:18 13323] [info] Subsequent (No.4) HTTPS request
received for child 20 (server spaysys.com:443)
[09/Apr/2010 11:37:19 13323] [info] Subsequent (No.5) HTTPS request
received for child 20 (server spaysys.com:443)
[09/Apr/2010 11:37:19 13323] [info] Subsequent (No.6) HTTPS request
received for child 20 (server spaysys.com:443)
[09/Apr/2010 11:37:20 13323] [info] Subsequent (No.7) HTTPS request
received for child 20 (server spaysys.com:443)
[09/Apr/2010 11:37:21 13323] [info] Subsequent (No.8) HTTPS request
received for child 20 (server spaysys.com:443)
[09/Apr/2010 11:37:22 13323] [info] Subsequent (No.9) HTTPS request
received for child 20 (server spaysys.com:443)
[09/Apr/2010 11:37:22 13323] [info] Subsequent (No.10) HTTPS request
received for child 20 (server spaysys.com:443)
[09/Apr/2010 11:37:23 13323] [info] Subsequent (No.11) HTTPS request
received for child 20 (server spaysys.com:443)
[09/Apr/2010 11:37:24 13323] [info] Subsequent (No.12) HTTPS request
received for child 20 (server spaysys.com:443)
[09/Apr/2010 11:37:24 13323] [info] Subsequent (No.13) HTTPS request
received for child 20 (server spaysys.com:443)
[09/Apr/2010 11:37:25 01979] [info] Connection to child 11 established
(server
spaysys.com:443, client 173.11.21.121)
[09/Apr/2010 11:37:25 01979] [info] Seeding PRNG with 1160 bytes of entropy
[09/Apr/2010 11:37:25 01979] [info] Connection: Client IP: 173.11.21.121,
Protocol: TLSv1, Cipher: RC4-MD5 (128/128 bits)
[09/Apr/2010 11:37:25 01979] [info] Initial (No.1) HTTPS request received
for child 11 (server spaysys.com:443)
[09/Apr/2010 11:37:25 13323] [info] Subsequent (No.14) HTTPS request
received for child 20 (server spaysys.com:443)
[09/Apr/2010 11:37:26 13323] [info] Subsequent (No.15) HTTPS request
received for child 20 (server spaysys.com:443)
[09/Apr/2010 11:37:26 13323] [info] Subsequent (No.16) HTTPS request
received for child 20 (server spaysys.com:443)
[09/Apr/2010 11:37:27 13323] [info] Subsequent (No.17) HTTPS request
received for child 20 (server spaysys.com:443)
[09/Apr/2010 11:37:28 13323] [info] Subsequent (No.18) HTTPS request
received for child 20 (server spaysys.com:443)
[09/Apr/2010 11:37:29 13323] [info] Subsequent (No.19) HTTPS request
received for child 20 (server spaysys.com:443)
[09/Apr/2010 11:37:30 13323] [info] Subsequent (No.20) HTTPS request
received for child 20 (server spaysys.com:443)
[09/Apr/2010 11:37:30 02079] [info] Connection to child 15 established
(server spaysys.com:443, client 65.102.233.157)
[09/Apr/2010 11:37:30 02079] [info] Seeding PRNG with 1160 bytes of entropy
[09/Apr/2010 11:37:30 01969] [info] Connection to child 1 closed with
standard shutdown (server spaysys.com:443, client 173.11.21.121)
[09/Apr/2010 11:37:31 13323] [info] Subsequent (No.21) HTTPS request
received for child 20 (server spaysys.com:443)

[09/Apr/2010 11:37:49 01973] [info] Initial (No.1) HTTPS request received
for child 5 (server spaysys.com:443)
[09/Apr/2010 11:37:50 01973] [info] Subsequent (No.2) HTTPS request
received for child 5 (server spaysys.com:443)
[09/Apr/2010 11:37:50 01973] [info] Subsequent (No.3) HTTPS request
received for child 5 (server spaysys.com:443)
[09/Apr/2010 11:37:50 01973] [info] Subsequent (No.4) HTTPS request
received for child 5 (server spaysys.com:443)
[09/Apr/2010 11:37:50 01973] [info] Subsequent (No.5) HTTPS request
received for child 5 (server spaysys.com:443)
[09/Apr/2010 11:37:51 01973] [info] Subsequent (No.6) HTTPS request
received for child 5 (server spaysys.com:443)
[09/Apr/2010 11:37:51 01973] [info] Subsequent (No.7) HTTPS request
received for child 5 (server spaysys.com:443)
[09/Apr/2010 11:37:51 01973] [info] Subsequent (No.8) HTTPS request
received for child 5 (server spaysys.com:443)
[09/Apr/2010 11:37:51 01973] [info] Subsequent (No.9) HTTPS request
received for child 5 (server spaysys.com:443)
[09/Apr/2010 11:37:52 01973] [info] Subsequent (No.10) HTTPS request
received for child 5 (server spaysys.com:443)

[09/Apr/2010 11:37:43 13323] [info] Subsequent (No.47) HTTPS request
received for child 20 (server spaysys.com:443)
[09/Apr/2010 11:37:44 13323] [info] Subsequent (No.48) HTTPS request
received for child 20 (server spaysys.com:443)
[09/Apr/2010 11:37:44 13323] [info] Subsequent (No.49) HTTPS request
received for child 20 (server spaysys.com:443)
[09/Apr/2010 11:37:44 13323] [info] Subsequent (No.50) HTTPS request
received for child 20 (server spaysys.com:443)
[09/Apr/2010 11:37:45 13323] [info] Subsequent (No.51) HTTPS request
received for child 20 (server spaysys.com:443)
[09/Apr/2010 11:37:45 13323] [info] Subsequent (No.52) HTTPS request
received for child 20 (server spaysys.com:443)
[09/Apr/2010 11:37:45 13323] [info] Subsequent (No.53) HTTPS request
received for child 20 (server spaysys.com:443)
[09/Apr/2010 11:37:46 13323] [info] Subsequent (No.54) HTTPS request
received for child 20 (server spaysys.com:443)
[09/Apr/2010 11:37:49 01974] [info] Connection to child 6 closed with
standard shutdown (server spaysys.com:443, client 70.43.187.82)
[09/Apr/2010 11:37:49 01973] [info] Connection to child 5 established
(server spaysys.com:443, client 75.145.239.234)
[09/Apr/2010 11:37:49 01973] [info] Seeding PRNG with 1160 bytes of entropy
[09/Apr/2010 11:37:49 01973] [info] Connection: Client IP: 75.145.239.234,
Protocol: TLSv1, Cipher: RC4-MD5 (128/128 bits)

Thanks,

Rick Cone
Secure Payment Systems





------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org