Skip Headers
Oracle® HTTP Server Administrator's Guide
10g Release 2 (10.1.2)
  Go To Documentation Library
Go To Product List
Solution Area
Go To Table Of Contents
Go To Index


G Troubleshooting Oracle HTTP Server

This appendix describes common problems that you might encounter when using Oracle HTTP Server, and explains how to solve them.

It contains the following topics:

G.1 Problems and Solutions

This section describes common problems and solutions. It contains the following topics:

G.1.1 Intermittent HTTP-500 errors

Certain Microsoft Internet Explorer security patches have resulted in intermittent HTTP-500 errors, such as MOD_OC4J_0145, MOD_OC4J_0119, MOD_OC4J_0013 errors, when the KeepAlive directive is set on "On" in Oracle HTTP Server.


Intermittent HTTP-500 errors caused by bug in Microsoft Internet Explorer.


There are two possible solutions for this problem:

  • Patch all the client Internet Explorer browsers.

  • If the preceding option is not practical, set KeepAlive to "Off" in Oracle HTTP Server.

Consult Metalink Note 269980.1 on for details regarding this issue. The easiest way to access the note is to click the Advanced Search button at the top of the OracleMetalink site, and search for Doc ID "269980.1".

See Also:


G.1.2 Firewall Between Oracle HTTP Server and OC4J Blocks Connections

Oracle HTTP Server is unable to forward requests to OC4J when certain firewalls are used between them.


Oracle HTTP Server processes maintain persistent connections with OC4J processes. If the firewall times out a connection before Oracle HTTP Server does, then requests to the OC4J processes can result in errors, or can take a very long time, depending on how the firewall and the operating system are configured.


Set the Oracle HTTP Server directive OC4JConnTimeout to a value less than that of the firewall timeout (this is firewall specific).

G.1.3 Client IP Address Not Passed Through OracleAS Web Cache

When client IP is not passed through OracleAS Web Cache, it can create issues such as:

  • Client IP security does not work for allow/deny.

  • Access_log has OracleAS Web Cache IP address instead of the client's IP address.

  • OC4J request.getRemoteAddr() returns OracleAS Web Cache IP address.


Normally, when OracleAS Web Cache is used, its IP address is the address seen by Oracle HTTP Server. You can use the UseWebCacheIp configuration option, which is not set by default, to enable Oracle HTTP Server to obtain the IP address of the client.


Set UseWebCacheIp On in your httpd.conf file.

G.1.4 Certificate Information Lost When Using OracleAS Web Cache

Certificate information is not available to OC4J applications when OracleAS Web Cache is used.


When SSL is terminated at OracleAS Web Cache, information is not passed to Oracle HTTP Server and OC4J applications by default.


Use Certheaders feature, which enables the passing of SSL information, such as configuration information, from OracleAS Web Cache to Oracle HTTP Server.

G.1.5 Oracle HTTP Server Unable to Start Due to Port Conflict

You can get the following error if Oracle HTTP Server is unable to start due to port conflict:

[crit] (98) Address already in use: make_sock: could not bind to port 7778


Oracle HTTP Server is unable to start as its port number is being used by another process.


Determine what process is already using the port by pointing a browser at the address assigned to Oracle HTTP Server and viewing the results. Depending on the results, either change the IP:port address of Oracle HTTP Server, or that of the conflicting process.

G.1.6 Machine Overloaded by Number of HTTPD Processes

When there are too many httpd processes running on a machine, the response time plummets.


When too many httpd processes are started, there are insufficient resources for normal processing.


Lower value of MaxClients to a value the hardware box can accommodate.

See Also:


G.1.7 Permission Denied When Starting Oracle HTTP Server on Port Below 1024

You will get the following errors if you try to start Oracle HTTP Server on port below 1024:

Bind errors on ports below 1024: PERMISSION DENIED: MAKE_SOCK: COULD NOT BIND TO PORT 443.


Oracle HTTP Server will not start on ports below 1024 because root privileges are needed to bind these ports. Also, steps to configure .apachectl have not been followed.


Perform the following steps to enable Oracle HTTP Server to run as root on ports below 1024:

  1. Log in as root.

  2. Run the following commands in the middle-tier Oracle home:

    cd ORACLE_HOME/Apache/Apache/bin
    chown root .apachectl
    chmod 6750 .apachectl

G.1.8 Oracle HTTP Server May Fail To Start If PM Files Are Not Located Correctly

Oracle HTTP Server may encounter the following error, and fail to start:

"[error] Can't locate in @INC (@INC contains:$ORACLE_HOME/perl/...)


[error] Can't locate in @INC (@INC contains: $ORACLE_HOME/per/...)


mod_perl needs to locate PM files kept under the ORACLE_HOME/Apache/Apache/mod_perl directory. Without these PM files, mod_perl will not start.


For UNIX, check that apachectl has correctly defined in the variable PERL5LIB. It should point to ORACLE_HOME/Apache/Apache/mod_perl/lib/site_perl/5.6.1/sun4-solaris

For Windows, check that the environment sub-section in the HTTP Server section in opmn.xml has a correct entry for PERL5LIB. It should point to ORACLE_HOME\Apache\Apache\mod_perl\lib\site_perl\5.6.1\lib

G.1.9 SSO Client Authentication Fails with Webcache Reverse Proxy

SSO client authentication fails with Webcache reverse proxy.


During SSO client login, the client certificate should be authenticated from the browser with the SSO server and connect successfully. However, it fails because the ssoServer.log shows it is trying to authenticate the certificate stored in the Webcache wallet and not the one from the browser.


Perform the following steps:

  1. Edit $ORACLE_HOME/Apache/Apache/conf/httpd.conf and make sure it has the following:

    LoadModule certheaders_module libexec/
    AddCertHeader HTTPS
    AddCertHeader SSL_CLIENT_CERT
  2. Edit the $ORACLE_HOME/sso/conf/sso_apache.conf, and comment out the following line:

    #SSLOptions +ExportCertData +StdEnvVars
  3. Run dcmctl updateconfig -ct ohs

  4. Run opmnctl restartproc type=ohs

  5. Test that the SSO server can be logged into with client authentication.

G.2 Need More Help?

You can find more solutions on OracleMetaLink, If you do not find a solution for your problem, log a service request.

See Also:

Oracle Application Server Release Notes, available on the Oracle Technology Network: