Por alguma razão isso corrigiu
SetEnv nokeepalive ssl-unclean-shutdown
Eu continuo vendo isso em meus arquivos de log do Apache 2.2.22 (Ubuntu) e não sei porque está ocorrendo ou como corrigi-lo
[debug] ssl_engine_kernel.c(1884): OpenSSL: Write: SSL negotiation finished successfully
[info] [client 10.0.0.5] Connection closed to child 3 with standard shutdown (server example.com:443)
[info] [client 10.0.0.5] (70007)The timeout specified has expired: SSL input filter read failed.
Eu já vi isso: Tempo de espera do proxy do Apache
Já experimentei o a2dismod reqtimeout_module e estas opções:
SetEnv proxy-sendchunks
SetEnv force-proxy-request-1.0 1
SetEnv proxy-nokeepalive 1
ProxyPass / https://example.com/ connectiontimeout=300 timeout=300
Informações do Apache:
# apachectl -V; apachectl -M
Server version: Apache/2.2.22 (Ubuntu)
Server built: Jul 12 2013 13:37:10
Server's Module Magic Number: 20051115:30
Server loaded: APR 1.4.6, APR-Util 1.3.12
Compiled using: APR 1.4.6, APR-Util 1.3.12
Architecture: 64-bit
Server MPM: Prefork
threaded: no
forked: yes (variable process count)
Server compiled with....
-D APACHE_MPM_DIR="server/mpm/prefork"
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_SYSVSEM_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=128
-D HTTPD_ROOT="/etc/apache2"
-D SUEXEC_BIN="/usr/lib/apache2/suexec"
-D DEFAULT_PIDLOG="/var/run/apache2.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_LOCKFILE="/var/run/apache2/accept.lock"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="mime.types"
-D SERVER_CONFIG_FILE="apache2.conf"
Loaded Modules:
core_module (static)
log_config_module (static)
logio_module (static)
mpm_prefork_module (static)
http_module (static)
so_module (static)
alias_module (shared)
auth_basic_module (shared)
authn_file_module (shared)
authz_default_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cgi_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
headers_module (shared)
mime_module (shared)
negotiation_module (shared)
proxy_module (shared)
proxy_http_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
security2_module (shared)
setenvif_module (shared)
ssl_module (shared)
status_module (shared)
unique_id_module (shared)
Syntax OK
# cat /etc/apache2/sites-available/scl/example.com
<Virtualhost *:80>
Servername example.com
Redirect / https://example.com/
</VirtualHost>
<VirtualHost *:443>
Servername example.com
SSLEngine on
SSLProxyEngine On
ProxyRequests Off
LogLevel Debug
DocumentRoot "/var/www/html/scl/trail"
ErrorLog "/var/log/apache2/trail-error_log"
CustomLog "/var/log/apache2/trail-error_log" common
DirectoryIndex index.html index.htm
<Directory /var/www/html/scl/trail>
Order deny,allow
Allow from all
SetHandler default-handler
</Directory>
ProxyPass / https://example.com/ connectiontimeout=300 timeout=300
ProxyPassReverse / https://example.com/
ProxyPreserveHost On
###################
# SSL Constraints #
###################
SSLProtocol -ALL +SSLv3 +TLSv1
# Choose cipher suites
SSLHonorCipherOrder On
SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:!LOW:!SSLv2:!EXPORT
# SameOrigin The page can only be displayed in a frame on the same origin as the page itself
Header set X-Frame-Options SAMEORIGIN
SSLCertificateFile /etc/apache2/example.com.crt
SSLCertificateKeyFile /etc/apache2/example.com.key
SSLCertificateChainFile /etc/apache2/gd_bundle.crt
SetOutputFilter INFLATE;proxy-html;DEFLATE
</VirtualHost>
Por alguma razão isso corrigiu
SetEnv nokeepalive ssl-unclean-shutdown