AH00288: scoreboard is full, not at MaxRequestWorkers

book

Article ID: 128935

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

We're unning a CA Access Gateway (SPS) and this one reports the error : 

  [Fri Mar 01 09:53:55.553673 2019] [mpm_worker:error] [pid 8594:tid 
  4152100608] AH00288: scoreboard is full, not at MaxRequestWorkers 

We'd like to know how to fix it. 

Cause

The error is a known bug in Apache, which is solved in Apache 2.4.25 : 

  Bug 53555 - Scoreboard full error with event/ssl 

  A high-traffic web server using event MPM and mostly receiving HTTPS 
  requests frequently got the error "scoreboard is full, not at 
  MaxRequestWorkers" and showed very bad performance. 

  [...] 

  Fixed in 2.4.25 

  https://bz.apache.org/bugzilla/show_bug.cgi?id=53555 

The CA Access Gateway (SPS) 12.52SP1CR01 run Apache 2.4.4 

  Third-Party Software Acknowledgments 

  Apache HTTP Web Server 2.4.4 

  https://docops.ca.com/ca-single-sign-on/12-52-sp1/en/third-party-software-acknowledgments 

The CA Access Gateway (SPS) 12.52SP1CR09 runs Apache 2.4.33 which will 
solve this issue. 

  CA Access Gateway 

  | SalesForce | Internal | Issue Description                      |
  | Case       | Defect   |                                        |
  | Number     | ID       |                                        |
  |------------+----------+----------------------------------------|
  | 00949107   | DE342765 | OpenSSL is upgraded to OpenSSL 1.0.2o. |
  |            |          | Apache is upgraded to Apache 2.4.33.   |

  https://docops.ca.com/ca-single-sign-on/12-52-sp1/en/release-notes/cumulative-releases/defects-fixed-in-12-52-sp1-cr09#DefectsFixedin12.52SP1CR09-smsps 

  Please note that Policy Server 12.52SP1CR01 is Out of Support : 

  CA Single Sign-On (formerly CA SiteMinder) Release and Support 
  Lifecycle Dates 

  12.52 February 28, 2019 - EOS 

  https://support.ca.com/us/product-content/status/support-life-cycle/indexes/ca-single-sign-on-release-and-support-lifecycle-dates.html 
 

Environment

Policy Server 12.52SP1CR01 on RedHat 6; 
CA Access Gateway (SPS) 12.52SP01CR01 on RedHat 6; 
 

Resolution

Upgrade the CA Access Gateway (SPS) to the latest version in order 
to get the Apache running on 2.4.33.