proxy_ajp:error

[Jacob Subirada]

Hi comm!

Could somebody help me with this issue?

I'm getting this errors in apache error-ssl log telling there was a timeout between apache and backend, I increase the timeout values, also threads, and even ProxyIOBufferSize but keep seeing this ONLY in vhosts with CAS authentication.

  [proxy_ajp:error] [pid 49381:tid 139809288869632] (70007)The timeout specified has expired: [client 192.168.X.X:5775] AH00878: read response failed from 192.168.X.X:8009

Connector Settings in Tomcat Cas.

 <Connector port="8009" protocol="AJP/1.3" connectionTimeout="900000" keepAliveTimeout="900000" maxThreads="600" redirectPort="8443" URIEncoding="UTF-8" enableLookups="false" secretRequired="false" packetSize="65536" />

Vhosts Settings in Apache

        ProxyPass /cas ajp://X.X.X.X:8009/cas
        ProxyPassReverse /cas ajp://X.X.X.X:8009/cas
        ProxyPreserveHost On
        ProxyTimeout 180
        ProxyIOBufferSize 65536

Hope someone run into similar...

Thank you for your time!

[Ray Bon]

Jacob,

The communication between the client and cas must be secured.

Here is one I have:

        SSLEngine on

        SSLCertificateFile      /etc/ssl/certs/democasclientlocal_uvic_ca.crt

        SSLCertificateKeyFile /etc/ssl/private/democasclientlocal_uvic_ca.key

        ProxyPreserveHost On

        ProxyPass / ajp://localhost:8014/

        ProxyPassReverse / ajp://localhost:8014/

        ServerName democasclientlocal.uvic.ca

Ray

On Tue, 2021-02-02 at 08:22 -0800, Jacob Subirada wrote:

Notice: This message was sent from outside the University of Victoria email system. Please be cautious with links and sensitive information.

-- 

Ray Bon

Programmer Analyst

Development Services, University Systems

2507218831 | CLE 019 | rb...@uvic.ca

I respectfully acknowledge that my place of work is located within the ancestral, traditional and unceded territory of the Songhees, Esquimalt and WSÁNEĆ Nations.