Also, can you upgrade to the latest version of Tomcat (5.5.27) and Apache HTTPD?
p Pid wrote: > Do not reply to all. Just to the list please. > > OK. So you're doing the following: > > ssl-> LB:8443 http-> HTTPD:8443 http-> Tomcat:8443 https?-> ContentSrv > > What are the content servers, virtual hosts in Tomcat? > Or do you have some kind of proxy application running inside Tomcat? > > If you are *not* using the http connector on 8080, comment it and the > AJP one out of your config please. > > > Rahman Akhlaqur wrote: >> Hi P >> >> The SSL is terminated at the load balancers, so the request is then a http >> request on port 8443 to our apache webserver (we use this to resolve >> multiple hostnames to just a few virtual hosts) which then just proxys the >> http request to Tomcat. At which point we want the request to be passed on >> to the content server as a secure request on port 443 - to match content >> hosts set up on port 443. It seems to work okay as the reverse path is fine, >> from the content server back to the end user. >> >> There is nothing in the Tomcat logs, the request is not even logged in the >> localhost access log - this points to Tomcat not even listening properly on >> port 8443. The other port (8080) is working okay though. > > If there's nothing in the Tomcat logs, how do you know that the request > is being sent at all? > > What method are you using to connect HTTPD to Tomcat? mod_jk or > mod_proxy (or something else)? > > Can you enable logs and a status worker to check on what happens when > the connection dies? > > > p > > > > > >> ----- Original Message ---- >> From: Pid <p...@pidster.com> >> To: Tomcat Users List <users@tomcat.apache.org> >> Sent: Thursday, 30 April, 2009 16:59:25 >> Subject: Re: Tomcat 5.5.23 stops listening to requests on SSL port >> >> Rahman Akhlaqur wrote: >>> Hi >>> >>> I am having an issue with my Tomcat server not responding on the SSL port. >>> I reported this as a possible bug but this was rejected as a config issue. >>> More info as below: >>> >>> The Tomcat connector is configured as below >>> >>> <!-- Define a non-SSL HTTP/1.1 Connector on port 8080 --> <Connector >>> port="8080" maxHttpHeaderSize="8192" maxThreads="350" minSpareThreads="25" >>> maxSpareThreads="75" enableLookups="false" redirectPort="8443" >>> acceptCount="100" connectionTimeout="20000" disableUploadTimeout="true" /> >>> >>> <!-- Define a SSL HTTP/1.1 Connector on port 8443 --> <Connector port="8443" >>> maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" >>> maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" >>> connectionTimeout="20000" acceptCount="100" scheme="https" secure="false" >>> proxyPort="443"/> >>> >>> <!-- Define an AJP 1.3 Connector on port 8009 --> <Connector port="8009" >>> enableLookups="false" redirectPort="8443" protocol="AJP/1.3" /> >>> >>> The issue is that Tomcat stops listening on port 8443 after a while of >>> running. >>> This means no HTML is returned to end users browsers. >>> >>> I know this as I am getting a HTTP error code 502 from the apache 2.2.4 >>> webserver that is proxying the request to Tomcat. >>> >>> The setup I have is that SSL is terminated at a load balancer and forwards >>> the >>> request to port 8443 to apache, which then proxy passes the request to >>> Tomcat >>> to port 8443 and then Tomcat passes this request to the content server on >>> port >>> 443 (as this is a secure request). >> So you're sending SSL at each stage via 2 proxies? >> >> ssl-> LB:8443 ssl-> HTTPD:8443 ssl-> Tomcat:8443 ssl-> ContentSrv >> >> >>> One theory is that end users are abruptly terminating their session with >>> Tomcat >>> (by cancelling their secure requests or closing their browsers) and Tomcat >>> is >>> not closing the thread when this happens. Therefore running out of threads. >>> I >>> am not sure about this and need some way to prove it. >> What do the Tomcat logs say when this occurs? >> >> p >> >>> Akik Rahman >>> >>> >>> >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >>> For additional commands, e-mail: users-h...@tomcat.apache.org >>> >>> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: users-h...@tomcat.apache.org >> >> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: users-h...@tomcat.apache.org >> >> > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
