httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "hildegard meier" <>
Subject [users@httpd] Lots of messages "[ssl:warn] Resource deadlock avoided: AH02026: Failed to acquire SSL session cache lock"
Date Tue, 08 Mar 2016 15:44:19 GMT
Ubuntu 14.04 LTS

3.13.0-79-generic x86_64


The Host has just been release-upgraded (with Ubuntu do-release-upgrade command) From Ubuntu
12.04 LTS

All Apache config files are the new ones, old configuration entries have been adopted to the
new config files manually.

Most of the 74 vHosts are working fine. But on two vHosts there is coming the following message
nearly every minute:

[Tue Mar 08 16:08:18.596653 2016] [ssl:warn] [pid 8339:tid 140182179256064] (35)Resource deadlock
avoided: AH02026: Failed to acquire SSL session cache lock
[Tue Mar 08 16:08:20.791623 2016] [ssl:warn] [pid 8849:tid 140182112114432] (35)Resource deadlock
avoided: AH02026: Failed to acquire SSL session cache lock
[Tue Mar 08 16:08:54.230004 2016] [ssl:warn] [pid 8849:tid 140182162470656] (35)Resource deadlock
avoided: AH02026: Failed to acquire SSL session cache lock
[Tue Mar 08 16:13:28.180687 2016] [ssl:warn] [pid 10595:tid 140182095329024] (35)Resource
deadlock avoided: AH02026: Failed to acquire SSL session cache lock

But we are not aware of any impact of this. Server generally working fine (has some traffic-
700 established AJP proxy connections, 200 busy worker threads, 100 Requests/s, 300 KB/s).

I did not find much about that message. Only official:

AH02026: Failed to acquire SSL session cache lock"  ./modules/ssl/ssl_engine_mutex.c:92

We use mpm worker:

<IfModule mpm_worker_module>
    StartServers            2
    MinSpareThreads         25
    MaxSpareThreads         75
    ThreadLimit             64
    ThreadsPerChild         35
    MaxRequestWorkers       560
    MaxConnectionsPerChild  10000

<IfModule mod_ssl.c>
        SSLRandomSeed startup builtin
        SSLRandomSeed startup file:/dev/urandom 512
        SSLRandomSeed connect builtin
        SSLRandomSeed connect file:/dev/urandom 512

        AddType application/x-x509-ca-cert .crt
        AddType application/x-pkcs7-crl .crl

        SSLPassPhraseDialog exec:/usr/share/apache2/ask-for-passphrase

        SSLSessionCache         shmcb:${APACHE_RUN_DIR}/ssl_scache(512000)
        SSLSessionCacheTimeout  300

        SSLCipherSuite HIGH:MEDIUM:!ADH:!MD5:!RC4

        SSLProtocol all -SSLv3


is loaded (via symlink /etc/apache2/mods-enabled)

Mutex file:${APACHE_LOCK_DIR} default

export APACHE_PID_FILE=/var/run/apache2/apache2$
export APACHE_RUN_DIR=/var/run/apache2$SUFFIX
export APACHE_LOCK_DIR=/var/lock/apache2$SUFFIX

exists and contains the proper PID of apache process.

But there is no "ssl_scache":

ls -al /var/run/apache2/
total 4
drwxr-xr-x  2 root     root  80 Mar  8 12:54 .
drwxr-xr-x 18 root     root 680 Mar  8 13:18 ..
-rw-r--r--  1 root     root   5 Mar  8 12:54
srwx------  1 www-data root   0 Mar  8 12:54 cgisock.1425

But according to apache status page, SSL cache is working:

SSL/TLS Session Cache Status:
cache type: SHMCB, shared memory: 512000 bytes, current entries: 463
subcaches: 32, indexes per subcache: 88
time left on oldest entries' objects: avg: 26 seconds, (range: 0...71)
index usage: 16%, cache usage: 20%
total entries stored since starting: 27271
total entries replaced since starting: 0
total entries expired since starting: 22693
total (pre-expiry) entries scrolled out of the cache: 0
total retrieves since starting: 224953 hit, 14045 miss
total removes since starting: 0 hit, 0 miss

There is also nothing in /var/lock/apache2:

ls -al /var/lock/apache2/
total 0
drwxr-xr-x 2 www-data root 40 Mar  8 12:54 .
drwxrwxrwt 3 root     root 60 Mar  4 17:35 ..

I would expect that there would be files with the names of the mutex type, according to

"With the file-based mechanisms fcntl and flock, the path, if provided, is a directory where
the lock file will be created [...] The basename of the file will be the mutex type"

Could someone please tell if that is ok that there is neither a ssl_scache file nor mutex
type named mutex files ?

What can I do to get rid of the "AH02026: Failed to acquire SSL session cache lock" messages?

What is the meaning of the message?

Thanks very much.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message