2008-01-16

Apache 413 error problems

I had an Apache 2.2.3 HTTPS server configured, and it kept complaining that the uploads were too large. I tried setting the php.ini settings, adding LimitRequestBody, nothing worked. It still died.

Then I looked in the ssl_error_log and discovered:

request body exceeds maximum size for SSL buffer

which was the hint I needed. I was using Apache SSL client certificates, which have a limit of 128K, and if re-negotiation has to happen, a larger POST will fail.

This Bugzilla posting had the clues - You have to set the following as DEFAULTS for your SSL server, not just the directory.

SSLVerifyClient require

Otherwise it forces a renegotiation of some sort, and fails with a 413 error.

No comments: