Re: Strange delays
=>From: Oscar Abrahamsson <[EMAIL PROTECTED]> =>... =>I have a problem with my apache/mod_ssl-webserver: =>- sometimes when accessing a page I get a reponse time of a few minutes. The =>moment before and after everything is normal. Check the "SSLRandomSeed" entries in your configuration file. Apparently, it's a common problem that the random source used by the SSL libraries for key material tends to run dry, so connections hang until more entropy is generated somehow so that key generation can continue. I don't know what happens on Solaris, but on Linux, if you use "/dev/random" instead of "/dev/urandom," you're likely to see this. d. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Strange delays
I'm using the 'builtin' source for my SSLRandomSeed, so this shouldn't be the problem. Right? Regards, Oscar Abrahamsson dave madden wrote: > > =>From: Oscar Abrahamsson <[EMAIL PROTECTED]> > =>... > =>I have a problem with my apache/mod_ssl-webserver: > =>- sometimes when accessing a page I get a reponse time of a few minutes. The > =>moment before and after everything is normal. > > Check the "SSLRandomSeed" entries in your configuration file. > Apparently, it's a common problem that the random source used by the > SSL libraries for key material tends to run dry, so connections hang > until more entropy is generated somehow so that key generation can > continue. I don't know what happens on Solaris, but on Linux, if you > use "/dev/random" instead of "/dev/urandom," you're likely to see > this. > > d. > __ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Strange delays
On Sun, Nov 14, 1999, Oscar Abrahamsson wrote: > I'm using the 'builtin' source for my SSLRandomSeed, so this shouldn't > be the problem. Right? Yes, the builtin source doesn't have any delays. Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Strange delays
On Fri, Nov 12, 1999, Oscar Abrahamsson wrote: > I have a problem with my apache/mod_ssl-webserver: > - sometimes when accessing a page I get a reponse time of a few minutes. The > moment before and after everything is normal. > When examining the logs, I've found that when I get the long delay, this occurs > before writing anything to ssl_engine_log. My question is, what the web-server does > before logging to ssl_engine_log? > >From the point that it actually writes something here, everything seems normal. > > My system is as follows: > SunOS 5.5.1 Generic sun4u sparc SUNW,Ultra-1 > apache 1.3.9 / mod_ssl 2.4.5-1.3.9 / mm-1.0.12/openssl-0.9.4/php-3.0.12 > I use a self-signed certificate. > > The web-server has a very low load, but the machine where it resides has a few > other web-servers, so it it a bit more busy. > > As far as I remember I did not change anything more than necessary when > configuring the modules. I guess you're using an "SSLRandomSeed connect /dev/random 512" and your /dev/random device is a blocking one. Read the FAQ for more details, please. Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
