Skip to main content
Version: 8.2411.x.x RR

Server configuration

nevisProxy server properties are configured via the four tags Service, Core, Timer, and Server. The Qos tag defines some frequently used attributes of Apache's quality of the service module mod_qos. By setting the Qos tag parameters, you enable a basic protection against denial of service (DoS) attacks. The Qos tag is optional.

Service

The attributes in the following table are only relevant for integration purposes and are mainly documented here as a reference. If nevisProxy is installed using the delivered package, none of these parameters need to be changed. The Service section does not contain any operation-relevant parameters (e.g., scaling).

commandLine

Type: String
Usage Constraints: optional, advanced
Default: <spool_dir>/run

The attribute configures the command line arguments that will be used for starting the server. For example the argument commandLine="-X" starts the Apache server in debug mode. With the argument NAVAJOgroup=<group-name> the group of the initial process can be configured. If configured, a setgid(..) call will be made. If an error occurs, an error message will be traced on stderr but without terminating the process.

hostTemplate

Type: String
Usage Constraints: required, advanced
Default: /opt/nevisproxy/etc/host2.template

Specifies the path to the template file used for creating the host part of the generated Apache configuration file (httpd.conf). It is not recommended to change this setting.

name

Type: String
Usage Constraints: optional, advanced
Default: isi3web

The attribute 'name' is a logical name. It is reserved for future use, e.g. running several services in one carrier server. This value should not be changed.

spoolDir

Type: String
Usage Constraints: required, advanced
Default: <spool_dir>

The path of the spooldir, i.e. the directory that contains the directory 'logs' for log files and 'run' for runtime data. This value should not be changed (must not be an NFS-mounted directory).

serverTemplate

Type: String
Usage Constraints: required, advanced
Default: </opt/nevisproxy/etc/server2.template

The attribute 'serverTemplate' specifies the path to the template file used to create the server part of the generated Apache 2 configuration file. Should not be changed.

verbose

Type: boolean
Usage Constraints: optional
Default: false

The attribute 'verbose' specifies server verbosity. If set to 'true', the message of all caught exceptions is sent to the client. Should be set to 'false' in production.

crashRecoveryStrategy

Type: enum
Possible values: recover, block, kill Usage Constraints: optional, advanced
Default: recover

Specifies what should happen after a worker crash. By default, the child process is recovered by the parent process. This is the recommended strategy for classic deployments. If block is configured, after a worker crash every request will be blocked by 503 Service Unavailable status code. If kill is configured, the whole nevisproxy process (including the parent process) will be killed. This works only if the owner of the child process has the rights to kill the parent process (for example in some Kubernetes setups). If the parent cannot be killed, then the behaviour will be the same as block. The strategies block and kill are mainly designed for Kubernetes setups with an automated liveness monitoring, so the given pod can be terminated normally in case of a crash. If you set block or kill for a classic deployment, make sure to setup an automated procedure to restart nevisProxy after a crash. Note for testing: with the strategy block and kill, the blocking takes place only if at least one request is in processing when the crash occurs.

Core

The attributes in the following table are only relevant for integration purposes and are mainly documented here for reference. If nevisProxy is installed using the delivered package, none of these parameters needs to be changed. The Core section does not contain any operation-relevant parameters.

workDir

Type: String
Usage Constraints: required
Default: <spool_dir>/run

The attribute workDir configures the directory for the internal files. Should not be changed (may not be an NFS-mounted directory).

Timer

Timers are used to trigger asynchronous functions like the periodic check of the session cache for expired sessions.

periodicity

Type: Integer
Unit: seconds
Default: 60

Configures the periodicity of the internal timer. A session with an absolute timeout of 2 hours would therefore have a real maximum lifetime of 2 hours and 60 seconds, in this case. Setting the value to a lower number, in turn, leads to more load.

OpenTelemetry

The OpenTelemetry configuration tag integrates the OpenTelemetry standard to export observability data to a variety of open source and commercial backends.

This tag contains the tags Trace and Metrics.

Trace

The Trace configuration tag contains the values that are used to send tracing information to the OpenTelemetry service.

ExporterType

Type: Enum
Possible values: http
Default: http

Configures the protocol used for communicating with the traces endpoint.

ExporterAddress

Type: String
Usage Constraints: required if ExporterType is set to http
Syntax: <hostname>:<port>

Target URL to which the exporter sends spans. The /v1/traces path is automatically attached to it.

PropagateContextExtract

Type: Boolean
Usage Constraints: optional
Default: true

If present, extracts the trace context from the HTTP request header and sets it as parent for the current span.

PropagateContextInject

Type: Boolean
Usage Constraints: optional
Default: true

Injects the current context (span ID, trace ID, etc) as a HTTP header to the request.

ResourceServiceName

Type: String
Usage Constraints: optional
Default: nevisproxy

Allows the configuration of the service.name key-value pair resource attribute.

DeploymentEnvironment

Type: String
Usage Constraints: optional
Default: not set

Allows the configuration of the deployment.environment key-value pair resource attribute.

CaptureRequestHeaders

Type: String
Usage Constraints: optional
Default: Content-Type, Content-Length, User-Agent, Referer, Host, X-Forwarded-For

A comma-separated list of HTTP header names. HTTP client instrumentation will capture HTTP request header values for all configured header names.

CaptureResponseHeaders

Type: String
Usage Constraints: optional
Default: Content-Type, Content-Length, Content-Encoding, Location, Server, Connection, Keep-Alive, X-Forwarded-For

A comma-separated list of HTTP header names. HTTP client instrumentation will capture HTTP response header values for all configured header names.

Sampler

Type: Enum
Possible values: AlwaysOn, AlwaysOff, ParentBased:<delegate_sampler>, TraceIdRatio:<ratio>
Usage Constraints: optional
Default: AlwaysOn

Configures the available head sampling methods. Possible values are:

  • AlwaysOn: Samples every trace. With high traffic in a production application it may cause significant overhead.
  • AlwaysOff: Samples no traces. NevisProxy still generates the spanID for internal trace ID.
  • TraceIdRatio:<ratio>: Samples a given fraction of traces based on the configured ratio.
  • ParentBased:<delegate_sampler>: Makes the decision based on the parent of the span. If the span has a parent, the sampler flag of the parent span will decide. If there is no parent span, the delegate sampler is used, that can be any of the samplers above.

PropagateTraceparentHeader

Type: Boolean
Usage Constraints: optional
Default: false

Controls if the traceparent header should be propagated back to the frontend with the response. If enabled, the parameter PropagateContextExtract has to be true.

Metrics

The Metrics configuration tag contains the values that are used to send metrics information to the OpenTelemetry service.

ExporterType

Type: Enum
Usage Constraints: optional
Possible values: http
Default: http

Configures the protocol used for communicating with the metrics endpoint.

ExporterAddress

Type: String
Usage Constraints: required if ExporterType is set to http
Syntax: <hostname>:<port>

Target URL to which the exporter sends metrics like number of session or used memory etc. The /v1/metrics path is automatically attached to it.

Timeout

Type: Integer
Unit: milliseconds
Usage Constraints: optional
Default: 30000

Length of time the export can run before it is cancelled.

Interval

Type: Integer
Unit: seconds
Usage Constraints: optional
Default: 60

Number of seconds for the telemetric's metric reader to initiate metric collection.

ResourceServiceName

Type: String
Usage Constraints: optional
Default: nevisproxy

Allows the configuration of the service.name key-value pair resource attribute.

DeploymentEnvironment

Type: String
Usage Constraints: optional
Default: not set

Allows the configuration of the deployment.environment key-value pair resource attribute.

Trace example

A request trace contains the following extra attributes:

  • url.full: Request URL
  • url.scheme: HTTP request scheme
  • client.address: Client IP of the request
  • session.id: session ID of the request
  • http.request.method: HTTP request method
  • http.header.request.<header_name>: list of request headers
  • http.header.response.<header_name>: list of response headers
  • http.response.status_code: Status code of the response
  • http.response.events: list of events
  • http.request.cR: number of concurrent requests
  • http.request.dTF: Total time needed to process the frontend call
  • http.request.dTP: Total time spent in nevisProxy
  • http.request.dTB: Total time needed to process the backend call

A sample request trace:

2024-08-12T08:48:56.217Z info TracesExporter {"kind": "exporter", "data_type": "traces", "name": "logging", "resource spans": 1, "spans": 1}
2024-08-12T08:48:56.218Z info ResourceSpans #0
Resource SchemaURL:
Resource attributes:
-> telemetry.sdk.version: Str(1.16.1)
-> telemetry.sdk.name: Str(opentelemetry)
-> telemetry.sdk.language: Str(cpp)
-> service.version: Str(8.2405.0)
-> host.name: Str(localhost.localdomain)
-> service.name: Str(nevisproxy)
-> deployment.environment: Str(testing)
ScopeSpans #0
ScopeSpans SchemaURL:
InstrumentationScope nevisproxy
Span #0
Trace ID : afa1f2963d9321f770d70e745ccecda1
Parent ID :
ID : d1ddd32027068451
Name : /test/
Kind : Server
Start time : 2024-08-12 08:48:56.210154476 +0000 UTC
End time : 2024-08-12 08:48:56.211377063 +0000 UTC
Status code : Unset
Status message :
Attributes:
-> url.full: Str(https://localhost/test/)
-> url.scheme: Str(https)
-> http.request.method: Str(GET)
-> client.address: Str(10.0.2.15)
-> http.header.request.User-Agent: Str(Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0)
-> http.header.request.Cookie: Str(NPSession=9442007f0100QQwl9qElSUjnTlGkr9ROmDfW3vXtQQLzcr1JEFu1BuAFVI)
-> http.header.request.Host: Str(localhost)
-> session.id: Str(<NULL>)
-> http.response.status_code: Int(200)
-> http.response.events: Str(<NULL>)
-> http.header.response.Content-Type: Str(text/html)
-> http.request.cR: Int(1)
-> http.request.dTF: Int(2)
{"kind": "exporter", "data_type": "traces", "name": "logging"}

Metrics example

The list of servlets providing metrics:

  • LocalSessionStoreServlet
  • MySQLSessionStoreServlet
  • PostgreSQLSessionStoreServlet
  • Http(s)ConnectorServlet
  • Esauth4ConnectorServlet
  • WebSocketServlet
  • BackendConnectorServlet

While the session store servlets provide metrics about session usage:

  • nevisproxy.db.<db_type>.used: number of active users
  • nevisproxy.db.<db_type>.timed_out: number of timed out users
  • nevisproxy.db.<db_type>.deleted: number of removed users (mysql and postgres)
  • nevisproxy.db.<db_type>.zombies: number of zombie entries (mysql and postgres)
  • nevisproxy.db.local.memory.used: used memory (only for local)
  • nevisproxy.db.local.memory.available: available memory (only for local)

The connectors provide metrics about their all of their configured resources availability and load:

  • nevisproxy.connector.http.<resource_name>.<resource_port>.reqPerSec: Request per seconds on the given resource
  • nevisproxy.connector.http.<resource_name>.<resource_port>.valid: Availability of the resource
  • nevisproxy.connector.http.<resource_name>.<resource_port>.load: Load on the resource
  • nevisproxy.connector.http.<resource_name>.<resource_port>.<status_code>: Number of responses with the given status code

The BackendConnectorServlet provides currently just the number of responses with the given status code.

Session store servlet metrics example

An example metrics provided by the LocalSessionStoreServlet:

2024-03-22T13:23:46.629Z info MetricsExporter     {"kind": "exporter", "data_type": "metrics", "name": "logging", "resource metrics": 1, "metrics": 7, "data points": 14}
2024-03-22T13:23:46.630Z info ResourceMetrics #0
Resource SchemaURL:
Resource attributes:
-> telemetry.sdk.version: Str(1.12.0)
-> telemetry.sdk.name: Str(opentelemetry)
-> telemetry.sdk.language: Str(cpp)
-> service.version: Str(8.2405.0)
-> host.name: Str(localhost.localdomain)
-> service.name: Str(defaultInstance)
-> deployment.environment: Str(prod)
ScopeMetrics #1
ScopeMetrics SchemaURL:
InstrumentationScope LocalSessionStoreServlet
Metric #0
Descriptor:
-> Name: nevisproxy.db.local.memory.available
-> Description:
-> Unit: Bytes
-> DataType: Sum
-> IsMonotonic: false
-> AggregationTemporality: Cumulative
NumberDataPoints #0
StartTimestamp: 2024-03-22 13:22:06.61830423 +0000 UTC
Timestamp: 2024-03-22 13:23:46.623341289 +0000 UTC
Value: 1073653984
NumberDataPoints #1
Data point attributes:
-> type: Str(nevis-product-analytics)
StartTimestamp: 2024-03-22 13:22:06.61830423 +0000 UTC
Timestamp: 2024-03-22 13:23:46.623341289 +0000 UTC
Value: 1
Metric #1
Descriptor:
-> Name: nevisproxy.db.local.memory.used
-> Description:
-> Unit: Bytes
-> DataType: Sum
-> IsMonotonic: false
-> AggregationTemporality: Cumulative
NumberDataPoints #0
StartTimestamp: 2024-03-22 13:22:06.61830423 +0000 UTC
Timestamp: 2024-03-22 13:23:46.623341289 +0000 UTC
Value: 81304
NumberDataPoints #1
Data point attributes:
-> type: Str(nevis-product-analytics)
StartTimestamp: 2024-03-22 13:22:06.61830423 +0000 UTC
Timestamp: 2024-03-22 13:23:46.623341289 +0000 UTC
Value: 1
Metric #2
Descriptor:
-> Name: nevisproxy.db.local.timed_out
-> Description:
-> Unit:
-> DataType: Sum
-> IsMonotonic: false
-> AggregationTemporality: Cumulative
NumberDataPoints #0
StartTimestamp: 2024-03-22 13:22:06.61830423 +0000 UTC
Timestamp: 2024-03-22 13:23:46.623341289 +0000 UTC
Value: 0
NumberDataPoints #1
Data point attributes:
-> type: Str(nevis-product-analytics)
StartTimestamp: 2024-03-22 13:22:06.61830423 +0000 UTC
Timestamp: 2024-03-22 13:23:46.623341289 +0000 UTC
Value: 1
Metric #3
Descriptor:
-> Name: nevisproxy.db.local.used
-> Description:
-> Unit:
-> DataType: Sum
-> IsMonotonic: false
-> AggregationTemporality: Cumulative
NumberDataPoints #0
StartTimestamp: 2024-03-22 13:22:06.61830423 +0000 UTC
Timestamp: 2024-03-22 13:23:46.623341289 +0000 UTC
Value: 0
NumberDataPoints #1
Data point attributes:
-> type: Str(nevis-product-analytics)
StartTimestamp: 2024-03-22 13:22:06.61830423 +0000 UTC
Timestamp: 2024-03-22 13:23:46.623341289 +0000 UTC
Value: 1
{"kind": "exporter", "data_type": "metrics", "name": "logging"}

Connector servlet metrics example

An example metrics provided by the HttpConnectorServlet:

2024-03-22T13:23:46.629Z info MetricsExporter     {"kind": "exporter", "data_type": "metrics", "name": "logging", "resource metrics": 1, "metrics": 7, "data points": 14}
2024-03-22T13:23:46.630Z info ResourceMetrics #0
Resource SchemaURL:
Resource attributes:
-> telemetry.sdk.version: Str(1.12.0)
-> telemetry.sdk.name: Str(opentelemetry)
-> telemetry.sdk.language: Str(cpp)
-> service.version: Str(8.2405.0)
-> host.name: Str(localhost.localdomain)
-> service.name: Str(defaultInstance)
-> deployment.environment: Str(testing)
ScopeMetrics #0
ScopeMetrics SchemaURL:
InstrumentationScope HttpConnectorServlet
Metric #0
Descriptor:
-> Name: nevisproxy.connector.http.localhost.8080.reqPerSec
-> Description:
-> Unit:
-> DataType: Sum
-> IsMonotonic: false
-> AggregationTemporality: Cumulative
NumberDataPoints #0
StartTimestamp: 2024-03-22 13:22:06.61830423 +0000 UTC
Timestamp: 2024-03-22 13:23:46.623301228 +0000 UTC
Value: 0.000000
NumberDataPoints #1
Data point attributes:
-> type: Str(nevis-product-analytics)
StartTimestamp: 2024-03-22 13:22:06.61830423 +0000 UTC
Timestamp: 2024-03-22 13:23:46.623301228 +0000 UTC
Value: 1.000000
Metric #1
Descriptor:
-> Name: nevisproxy.connector.http.localhost.8080.load
-> Description:
-> Unit:
-> DataType: Sum
-> IsMonotonic: false
-> AggregationTemporality: Cumulative
NumberDataPoints #0
StartTimestamp: 2024-03-22 13:22:06.61830423 +0000 UTC
Timestamp: 2024-03-22 13:23:46.623301228 +0000 UTC
Value: 0
NumberDataPoints #1
Data point attributes:
-> type: Str(nevis-product-analytics)
StartTimestamp: 2024-03-22 13:22:06.61830423 +0000 UTC
Timestamp: 2024-03-22 13:23:46.623301228 +0000 UTC
Value: 1
Metric #2
Descriptor:
-> Name: nevisproxy.connector.http.localhost.8080.valid
-> Description:
-> Unit:
-> DataType: Sum
-> IsMonotonic: false
-> AggregationTemporality: Cumulative
NumberDataPoints #0
StartTimestamp: 2024-03-22 13:22:06.61830423 +0000 UTC
Timestamp: 2024-03-22 13:23:46.623301228 +0000 UTC
Value: 1
NumberDataPoints #1
Data point attributes:
-> type: Str(nevis-product-analytics)
StartTimestamp: 2024-03-22 13:22:06.61830423 +0000 UTC
Timestamp: 2024-03-22 13:23:46.623301228 +0000 UTC
Value: 1

Server

The Server configuration tag contains the values that are used for the server part of the generated Apache configuration. The next table describes the relevant attributes. Note that all these attributes support variable replacement.

All listed parameters are directives of the Apache carrier server. They are documented in the corresponding Apache documentation: official Apache documentation.

NameType, Usage constraints, DefaultDescription
Userstring required, advanced default: @PROXY_RT_USER@The attribute User configures the owner of the running nevisProxy process. Should not be changed, as changes may lead to permission problems. If you set this attribute yourself, make sure that the ownership of the configuration, log files, and access to the binaries are set accordingly.
Groupstring required, advanced default: @PROXY_RT_GROUP@The attribute Group configures the process group of the current nevisProxy process. Should not be changed, as changes may lead to permission problems. If you set this attribute yourself, make sure that the ownership of the configuration, log files, and access to the binaries are set accordingly.
KeepAliveenum: on, off optional, advanced default: onThe attribute KeepAlive configures the HTTP keepalive behavior of the frontend connectors of nevisProxy. If set to "on", it enables HTTP persistent connections. The thread or process remains bound to the client and cannot be used by others during the time period defined by the attribute KeepAliveTimeout.
KeepAliveTimeoutinteger [seconds] optional scaling, advanced default: 5Defines the number of seconds Apache HTTPD will wait for a subsequent request before closing the connection. By adding the postfix ms the timeout can be also set in milliseconds.
MaxKeepAliveRequestsinteger optional, scaling default: 100The attribute MaxKeepAliveRequests limits the number of requests allowed per connection when the attribute KeepAlive is "on". If it is set to "0", an unlimited number of requests is allowed. It is recommended setting a high value for maximum server performance.
MaxClientsinteger optional, scaling default: 600MaxClients is the old name for the attribute MaxRequestWorkers. The attribute limits the number of simultaneous requests that will be served.
MaxRequestsPerChildinteger optional, advanced default: 0 (unlimited)MaxRequestsPerChild is the old name for the MaxConnectionsPerChild attribute. It limits the number of connections that an individual child server process will handle. After MaxRequestsPerChild connections, the child process will die. If the value of the attribute is "0", the process will never expire. Should not be changed.

Timeout

Type: Integer
Unit: seconds
Usage Constraints: optional, scaling
Default: 30

Amount of time the server will wait for certain events before failing a request.

LimitRequestLine

Type: Integer
Usage Constraints: optional, security
Default: 5120

Limits the size of the HTTP request line that will be accepted from the client.

LimitRequestBody

Type: Integer
Unit: byte
Usage Constraints: optional, scaling
Default: 512000

The attribute specifies the number of bytes that are allowed in a request body. It restricts the total size of the HTTP request body sent from the client. Allowed are integers from 0 (unlimited) to 2147483647 (2GB).

LimitRequestFields

Type: Integer
Usage Constraints: optional, security
Default: 50

Limits the number of HTTP request header fields that will be accepted from the client. Allowed are integers from 0 (unlimited) to 32767.

LimitRequestFieldsize

Type: Integer
Unit: byte
Usage Constraints: optional, security
Default: 5120

Limits the size of the HTTP request header allowed from the client.

LimitRequestParameters

Type: Integer
Usage Constraints: optional, security
Default: 10000

The maximum number of parameters allowed in a request.

LogLevel

Type: Enum
Usage Constraints: optional, troubleshooting
Default: notice

The LogLevel attribute adjusts the verbosity of the messages recorded in the error logs. The directive LogLevel can be used to configure per-module log levels. Specifying a level without a module name will reset the level for all modules to that level. Specifying a level with a module name will set the level for that module only. For the available options, see the official Apache documentation.

ErrorLog

Type: String
Usage Constraints: required, advanced
Default: "&quot;\|@PKG_HOME@/bin/bclogmgr size=1000000 archives=10 @PKG_VAR@/@PKG_INSTANCE@/logs/apache.log&quot;"

Location where the server will log errors. In the pkg default configuration, the file rotation of the error log is enabled using the bclogmgr. The character must be escaped in XML using &quot;. The directory containing the logs must exist when starting the instance. The nevisProxy user must be able to read and write in this directory. See its username and group in the <Server> element of the navajo.xml file.

TransferLog

Type: String
Usage Constraints: optional, basic
Default: "&quot;\|@PKG_HOME@/bin/bclogmgr size=10000000 archives=10 @PKG_VAR@/@PKG_INSTANCE@/logs/access.log&quot;"

Specifies the location of the access log file. In the pkg default configuration, the file rotation of the transfer log is enabled using the bclogmgr. The character must be escaped in XML using &quot;. The directory containing the logs must exist when starting the instance. The nevisProxy user must be able to read and write in this directory. See its username and group in the <Server> element of the navajo.xml file. See also Enabling the Apache transfer log.

CustomLog

Type: String
Usage Constraints: optional, advanced
Default: "&quot;\|@PKG_HOME@/bin/qslog -f ISBDUkEa -x -u @PROXY_RT_USER@ -o @PKG_VAR@/@PKG_INSTANCE@/logs/stat.log&quot; &quot;%h %>s %b %D %{clID}e %k %{Event}e %{dTr1B}e&quot;"

Configures an additional log facility. The character must be escaped in XML using &quot;. The directory containing the logs must exist when starting the instance. The nevisProxy user must be able to read and write in this directory. See its username and group in the <Server> element of the navajo.xml file. See also Using the Apache CustomLog.

LogFormat

Type: String
Usage Constraints: optional, advanced
Default: "&quot;%h %l %u %t \&quot;%r\&quot; %>s %b %{content-length}i %T \&quot;%{Referer}i\&quot; \&quot;%{User-Agent}i\&quot; trID=%{UNIQUE_ID}e&quot;"

This attribute specifies the format of the access log file. Note: The character must be escaped in XML using &quot;

ServerName

Type: String
Syntax: [scheme://]domain-name|ip-address[:port]
Usage Constraints: basic connectivity
Default: DNS name of the machine

The attribute ServerName sets the request scheme, hostname and port that the server uses to identify itself.

ServerRoot

Type: String
Usage Constraints: required, advanced
Default: @PKG_VAR@/@PKG_INSTANCE@

The attribute ServerRoot configures the root directory of the Apache web server. Should not be changed.

ServerSignature

Type: Enum
Possible values: On, Off, EMail
Usage Constraints: optional, troubleshooting
Default: Off

Configures the Apache directive "ServerSignature". Usually this should not be changed.

ServerTokens

Type: Enum
Possible values: Major, Minor, Min[imal], Prod[uctOnly], OS, Full
Usage Constraints: optional, troubleshooting
Default: Prod

This attribute controls whether the Server response header field, which is sent back to clients, includes a description of the generic OS-type of the server as well as information about compiled-in modules. This setting applies to the entire server. It cannot be enabled or disabled on a virtualhost-by-virtualhost basis. Possible values:

  • Full: Server: Apache/2.4.2 (Unix) PHP/4.2.2 MyMod/1.2
  • Prod[uctOnly]: Server: Apache
  • Major: Server: Apache/2
  • Minor: Server: Apache/2.4
  • Min[imal]: Server: Apache/2.4.2
  • OS: Server: Apache/2.4.2 (Unix)

Include

Type: String
Usage Constraints: optional, advanced
Default: not set

Use this attribute to include any additional Apache configuration fragment.

CoreDumpDirectory

Type: String
Usage Constraints: optional, troubleshooting
Default: not set

The attribute CoreDumpDirectory configures the directory to which the Apache web server writes core files.

UseCanonicalName

Type: Enum
Possible values: On, Off, DNS
Usage Constraints: optional, troubleshooting
Default: On

Configures how the server determines its own name and port. For more information, see the official Apache documentation.

ThreadStackSize

Type: Integer
Usage Constraints: optional, scaling
Default: 1048576

Defines the size in bytes of the stack used by threads handling client connection.

HttpProtocolOptions

Type: String
Usage Constraints: optional, advanced
Default: not set

Modifies restrictions on HTTP Request Messages. Syntax: [Strict|Unsafe] [RegisteredMethods|LenientMethods] [Allow0.9|Require1.0]

SSLPassPhraseDialog

Type: String
Usage Constraints: optional, advanced
Default: builtin

Configures the passphrase retriever used by mod_ssl. Only the "builtin" option is supported. For information on how the passwords for password protected keys are fetched, see the description of the bc properties bc.security.PassPhrasePolicy and bc.security.PassPhraseDialog in the chapter Low-level properties.

SSLSessionCache

Type: String
Usage Constraints: optional
Default: shmcb:@PKG_VAR@/@PKG_INSTANCE@/run/apache_shmcb

This attribute defines the TLS session cache. The following value options are available:

  • None: This setting disables the global/inter-process TLS session cache. It will incur a noticeable speed penalty and may cause problems if using certain browsers, particularly if client certificates are enabled. We do not recommend this setting. Removing the parameter sets the SSLSessionCache to none.
  • Nonenotnull: This setting disables any global/inter-process TLS session cache. However, the setting does force OpenSSL to send a non-null session ID, to accommodate buggy clients that require one.
  • shmcb:/path/to/datafile[(size): This setting makes use of a high-performance cyclic buffer (approx. (size) bytes in size) inside a shared memory segment in RAM (established via/path/to/datafile), to synchronize the local OpenSSL memory caches of the server processes. The default parameter of SSLSessionCache refers to the generated xml’s content.

SSLSessionCacheTimeout

Type: Integer
Usage Constraints: optional
Unit: seconds
Default: 300

Defines the number of seconds before an SSL session expires in the Session Cache. This directive sets the timeout in seconds for the information stored in the global/inter-process SSL Session Cache, the OpenSSL internal memory cache and for sessions resumed by TLS session resumption (RFC 5077). It can be set as low as 15 for testing, but should be set to higher values like 300 in real life.