We are experiencing problems under heavy traffic to our SSL site.
I have read the FAQ on performance and have decided to switch to
shmcb caching, but I don't know if that will help the problem.
With about 300 concurrent users the server loads skyrocket and the
server no longer spawns child processes for CGI scripts. I have the
Apache 1.3.27 server set up for 4096 concurrent connections and have
made all the suggested performance tuning measures suggested on the
Apache site. This problem does not occur on the non-ssl site which
has significantly more traffic.
Can anyone offer any insight into this problem? Here are my specs:
AIX 4.3.3 Dual Processor F40 w/ 1GB RAM 2GB SWAP
Apache with mod_ssl (compiled in) 1.3.27-2.8.11
Openssl 0.9.6g
from http.conf:
<VirtualHost hostname:443>
DocumentRoot "/usr/local/apache/ssldocs"
ServerName hostname
ServerAdmin me
ErrorLog /usr/local/apache/logs/error_log
TransferLog /usr/local/apache/logs/access_log
ScriptAlias /cgi-bin/ "/usr/local/apache/sslcgi/"
SSLEngine on
SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /usr/local/apache/conf/ssl.crt/public.crt
SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/private.key
SSLCertificateChainFile /usr/local/apache/conf/ssl.crt/intermediate.crt
SSLVerifyClient none
SSLVerifyDepth 10
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/usr/local/apache/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog /usr/local/apache/logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
Any help is appreciated.
---------------------------------------------------------------------
Dale Weaver [EMAIL PROTECTED]
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
- Re: Server Load problems under heavy SSL traffic Dale Weaver
- Re: Server Load problems under heavy SSL traffic Mads Toftum
- Re: Server Load problems under heavy SSL traffic R. DuFresne
