The Apache Haus Forum

Advanced search  

News:

Welcome to Apache Haus Distribution Forum

Pages: [1]   Go Down

Author Topic: Apache 2.4.48 - Gateway Timeout - Script timed out before returning headers  (Read 71 times)

AJPRO2021

  • Newbie
  • *
  • Offline Offline
  • Posts: 2

Since we've upgraded Tomcat Web Services from 2.4.46 to 2.4.47/48 is when we've started to have Gateway Timeout problem.

Here are the version of the Tomcat running on the windows 2016 64bit server.

Apache Tomcat/9.0.46 --> (apache-tomcat-9.0.46-windows-x64)
Apache/2.4.48 (Win32) OpenSSL/1.1.1k --> (httpd-2.4.48-o111k-x86-vc15)

for the longest, we have had enabled the SSL in httpd.conf and configured the httpd-ssl.conf environment to run with our own internal certificate.

==================================
httpd.conf
==================================
Code: [Select]
# Secure (SSL/TLS) connections
# Note: The following must must be present to support
#       starting without SSL on platforms with no /dev/random equivalent
#       but a statically compiled-in mod_ssl.
#
<IfModule ssl_module>
Include conf/extra/httpd-ssl.conf
#Include conf/extra/httpd-ahssl.conf
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>
<IfModule http2_module>
    ProtocolsHonorOrder On
    Protocols h2 h2c http/1.1
</IfModule>

=====================================
 httpd-ssl.conf
=====================================

Listen 443

SSLPassPhraseDialog  builtin

SSLSessionCache        "shmcb:${SRVROOT}/logs/ssl_scache(512000)"
SSLStaplingCache       "shmcb:${SRVROOT}/logs/ssl_stapling_data(512000)"
SSLSessionCacheTimeout  600

<VirtualHost _default_:443>
DocumentRoot "${SRVROOT}/htdocs"
ServerName ecsma.epssdri.com:443
ServerAdmin
Redirect permanent /index.html /ostcs/csas.exe

ErrorLog "${SRVROOT}/logs/error.log"
TransferLog "${SRVROOT}/logs/access.log"

SSLEngine on
SSLProtocol TLSv1.2
SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384
SSLHonorCipherOrder on
SSLInsecureRenegotiation on

SSLCompression off

SSLCertificateFile "${SRVROOT}/conf/ssl/escm.cer"
SSLCertificateKeyFile "${SRVROOT}/conf/ssl/escm.cer"


<FilesMatch "\.(cgi|shtml|phtml|php)$">
    SSLOptions +StdEnvVars
</FilesMatch>

<Directory "${SRVROOT}/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>

BrowserMatch ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

CustomLog "${SRVROOT}/logs/ssl_request.log" \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>                             
   

=====================================

All major Apache Tomcat/9.0.46 and Apache Web Service’s timeouts have been raised beyond the limit.

Our Application stops communicating at exactly 01:06:21 (min) and due to lack of responds Tomcat closes the session at 03:02:01 (min) into the process.

We have ran Wireshark capture on both client and server site and we have found no abnormality with communication between the client/host.

we had no choice but to revert back to Apache 2.4.46 to stabilize our environment.

I believe the major change is with OpenSSL 1.1.1k vs 1.1.1g which was packaged with 2.4.46 release; Not sure if this what is causing the failure!

Any feed back from anyone will be greatly appreciated.

Thanks.
« Last Edit: June 11, 2021, 09:32:12 AM by mario »
Logged

mario

  • Administrator
  • Member Elite
  • *****
  • Offline Offline
  • Posts: 615

How do you connect to Tomcat? mod_jk or mod_proxy_ajp or mod_proxy_http ?
Logged

AJPRO2021

  • Newbie
  • *
  • Offline Offline
  • Posts: 2

These are the only modules that has been enabled.

======================

LoadModule access_compat_module modules/mod_access_compat.so
LoadModule actions_module modules/mod_actions.so
LoadModule alias_module modules/mod_alias.so
LoadModule allowmethods_module modules/mod_allowmethods.so
LoadModule asis_module modules/mod_asis.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule cgi_module modules/mod_cgi.so
LoadModule dir_module modules/mod_dir.so
LoadModule env_module modules/mod_env.so
LoadModule include_module modules/mod_include.so
LoadModule info_module modules/mod_info.so
LoadModule isapi_module modules/mod_isapi.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule mime_module modules/mod_mime.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
LoadModule ssl_module modules/mod_ssl.so
LoadModule status_module modules/mod_status.so

======================
Logged

mario

  • Administrator
  • Member Elite
  • *****
  • Offline Offline
  • Posts: 615

I don't see there anything how you connect tot the tomcat server nor any proxy settings.
Logged
Pages: [1]   Go Up
 

Sitemap 1 2 3 4 5 6 7 8 9 10 11 12 13