httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From maurizio bella <lai...@gmail.com>
Subject [users@httpd] (70007)The timeout specified has expired: proxy: error reading status line from remote server
Date Thu, 15 Apr 2010 14:25:03 GMT
Hi to all,
I have an httpd server with mod_proxy that forward any request to an another
server.
the flow is: client --> requesto proxy https://miosito.it --> forward to
server https://192.168.0.10:8443/
I'm reading this error in my httpd log in LogLevel debug (after some
request).
After some request the proxy (or the backend server) don't response to any
future requests.
How can find teh root cause?
many thanks for all suggest.

ssl_error.log:

Thu Apr 15 10:37:10 2010] [debug] ssl_engine_io.c(1821): OpenSSL: I/O error,
5 bytes expected to read on BIO#863acd0 [mem: 863b420]
[Thu Apr 15 10:37:10 2010] [info] [client 192.168.0.10] (70007)The timeout
specified has expired: SSL input filter read failed.
[Thu Apr 15 10:37:10 2010] [error] [client 10.0.2.123] (70007)The timeout
specified has expired: proxy: error reading status line from remote server
192.168.0.10, referer:
https://miosito.it/cas-server-webapp-3.3.5/login?service=https%3A%2F%2Fmiosito.it%2FUAP%2Fj_spring_cas_security_check
[Thu Apr 15 10:37:10 2010] [debug] mod_proxy_http.c(1466): [client
10.0.2.123] proxy: NOT Closing connection to client although reading from
backend server 192.168.0.10 failed., referer:
https://miosito.it/cas-server-webapp-3.3.5/login?service=https%3A%2F%2Fmiosito.it%2FUAP%2Fj_spring_cas_security_check
[Thu Apr 15 10:37:10 2010] [error] [client 10.0.2.123] proxy: Error reading
from remote server returned by /UAP/j_spring_cas_security_check, referer:
https://miosito.it/cas-server-webapp-3.3.5/login?service=https%3A%2F%2Fmiosito.it%2FUAP%2Fj_spring_cas_security_check
[Thu Apr 15 10:37:10 2010] [debug] proxy_util.c(2062): proxy: HTTPS: has
released connection for (192.168.0.10)
[Thu Apr 15 10:37:10 2010] [info] [client 10.0.2.123] Connection closed to
child 7 with unclean shutdown (server miosito.it:443)


this is my system

# uname -a
Linux SRV01 2.6.18-128.el5 #1 SMP Wed Dec 17 11:42:39 EST 2008 i686 i686
i386 GNU/Linux
# rpm -qa | grep http
httpd-manual-2.2.3-31.el5_4.2
system-config-httpd-1.3.3.3-1.el5
jakarta-commons-httpclient-3.0-7jpp.1
httpd-2.2.3-31.el5_4.2
httpd-devel-2.2.3-31.el5_4.2
# rpm -qa | grep ssl
openssl-devel-0.9.8e-7.el5
mod_ssl-2.2.3-31.el5_4.2
docbook-style-dsssl-1.79-4.1
openssl-0.9.8e-7.el


and this my /etc/httpd/conf.d/ssl.conf


LoadModule ssl_module modules/mod_ssl.so
LoadFile   /usr/lib/libxml2.so
LoadModule proxy_html_module modules/mod_proxy_html.so
LoadModule xml2enc_module modules/mod_xml2enc.so

Listen 443
# Listen 444
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl    .crl
SSLPassPhraseDialog  builtin
SSLSessionCache         shmcb:/var/cache/mod_ssl/scache(512000)
SSLSessionCacheTimeout  300
SSLMutex default
SSLRandomSeed startup file:/dev/urandom  256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin

NameVirtualHost miosito.it:443

#<VirtualHost *:443>
<VirtualHost miosito.it:443>
ServerName miosito.it
ErrorLog logs/ictservices_ssl_error_log
TransferLog logs/ictservices_ssl_access_log
#LogLevel debug

####ProxyRequests on
ProxyRequests off
ProxyPass / https://192.168.0.10:8443/
ProxyHTMLURLMap https://192.168.0.10:8443 /
<Location />
        ProxyPassReverse https://192.168.0.10:8443/
        ProxyHTMLEnable On
        ProxyHTMLURLMap  /      /
        RequestHeader    unset  Accept-Encoding
</Location>

SSLEngine on
SSLProxyEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLCertificateFile /etc/httpd/cert/Global_Alternative.cer
SSLCertificateKeyFile /etc/httpd/cert/Global_Alternative.key
SSLCertificateChainFile /etc/httpd/cert/Global_CA.cer

<Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>

Mime
View raw message