Reputation: 352
Executing CGI Scripts with Apache+SSL
I'm having some problems trying to execute a CGI script through apache. This script is identical to the OpenLayers proxy.cgi which allows to make AJAX requests outside of one's domain. This script runs smoothly and without any errors using normal apache configuration (without SSL), but! when I enable SSL, it starts to behave erratically.
Let me show you first my apache configuration for SSL:
NameVirtualHost *:443
<VirtualHost *:443>
ServerName 172.22.1.37
SSLEngine on
SSLProtocol all -SSLv2
SSLCertificateFile /etc/apache2/ca/apache-server.crt
SSLCertificateKeyFile /etc/apache2/ca/apache-server.key
SSLCertificateChainFile /etc/apache2/ca/proba.crt
SSLCACertificateFile /etc/apache2/ca/proba.crt
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
Alias /mapviewer "/var/www/mapviewer/"
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
AddHandler cgi-script .cgi
DocumentRoot /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride All
Options +ExecCGI -Multiviews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
So, SSL loads correctly, since I have tried other webapps and they run smoothly in https, the problem is this app that uses the proxy.cgi
Weird thing is that when I start apache, at the beginning it will work correctly without any problem, but after a time (I'm not sure if it's dependent on time or number of request, although after testing I'd say it's the former) when the javascript code calls this proxy.cgi script, the request will just hang there and, in the end, be aborted due to "timeout".
Do I need to enable any other option to execute cgi scripts through https? is there something I'm missing? I can put the proxy.cgi code but I don't think it has anything to do since it has proven to work correctly, the problem here is that with SSL enabled, it won't be executed.
Thanks for reading!
Upvotes: 3
Views: 5290
Answers (2)
Reputation: 352
First of all, Thanks to Joseph Myers for his suggestions cause even if they did not provide a solution, they helped me toward it. What he said about zombie processes made sense and after having a deeper look I realized that instead of loading mod_cgid on apache start up, it loaded mod_cgi instead. The difference is quite noticeable, knowing (after having a look at httpd documentation) that mod_cgid
creates an external daemon that is responsible for forking child processes to run CGI scripts
and it also seems that it's the default, instead of cgi. I cannot remember myself changing that, but hell, who knows, it works now!
tl;dr, don't use mod_cgi! use mod_cgid instead!
Upvotes: 3
Reputation: 6552
I have had problems like this at times, and nearly all of them have been solved by forcing a "Connection: close" in every HTTPS response. It should be printed in the HTTP header. Also, make sure that the proxy.cgi script closes/exists after every run to make sure that the Apache SSL process isn't getting filled up with zombie processes that never close themselves.
Upvotes: 2
Related Questions
- CGI won't run just download on Apache server
- How to run cgi script on apache server
- How do I run a cgi script on an apache web server
- Setting up apache2 to execute cgi scripts
- Use CGI to Run Scripts that Modify Files
- Executing a CGI script via javascript
- Configure Apache2 to allow clients to run Perl Scripts in cgi-bin
- Problem with Executing CGI Scripts on Apache
- Executing shell scripts from a web browser in linux
- How can I run my perl CGI script without apache?