Hello all.
I posted this a while back and have found a temporary solution
to my problem, which I thought I might share, and have a few questions.
The problem was that,
> I can get
> the server to listen and respond to plain HTTP on any port.
> I am also able to get it to listen for and respond to SSL
> connections on any port. The problem is that, as soon as
> I attempt to get it to listen to:
>
> HTTP on port X
> and
> SSL connections on port Y
>
> The process just seems to freeze. The log files are normal
> up to
> "Apache/1.3.12 (Unix) configured -- resuming normal operations"
> and the everything stops.
Well it seems it had to do with the number of open log files. When
apache is started (as root), we would open a log file to each virtual
host and stash the filehandle, such that the children (user nobody)
might be able to write to these user-owned files.
On the Linux machine, which has over 1000 virtual hosts, this would
hang apache when both HTTP and SSL connections where accepted.
We solved the problem basically by avoiding to open the log files until
they were actually needed, and since we do a graceful every 60 minutes,
as long as the number of active sites within that hour is below
approximately 650 everything is fine. However I fear that, on a very
busy day, we will bust that limit and stop serving web pages.
We had had problems with the number of open files before and apache
was recompiled with a larger FD_SETSIZE to compensate (2048), which had
solved the problem at the time.
My questions are what is the relation between having ssl enabled (-DSSL)
and the number of logfiles we were opening? Was it doubling for some
reason (one handle for regular HTTP and one for SSL for each site)?
Although this may bea non-SSL specific question, why is it happening?
Is it the FD_SETSIZE, a system limit, something else?
Thanks.
Pat.
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
