OHS SSL Request LimitRequestFieldSize Directive Ignored and Header Request Size Unknown
(Doc ID 2391162.1)
Last updated on JUNE 29, 2021
Applies to:Oracle HTTP Server - Version 22.214.171.124.0 and later
OHS ssl.conf LimitRequestFieldSize directive configured to set the number of bytes allowed for HTTP request headers to be larger than the default, 8190 bytes, for SSL requests.
However, the $DOMAIN_HOME/servers/<ohs name>/logs/access_log shows HTTP status 400 (Bad Request) errors.
The access_log does not capture the request header size sent; therefore, it is unclear if LimitRequestFieldSize limit is exceeded, and it is not known to how to test LimitRequestFieldSize.
OHS ssl.conf edited to include LimitRequestFieldSize.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document