Ask Your Question

keystone PKI token [closed]

asked 2013-12-20 03:42:44 -0600

nethawk gravatar image

updated 2013-12-23 01:44:43 -0600

I use PKI token,and I run keystone in apache. When I test the performance of keystone(using POST /tokens),I found it will create many processes like this: apache 2970 2242 0 17:17 ? 00:00:00 openssl cms -sign -signer /etc/keystone/ssl/certs/signing_cert.pem -inkey /etc/keystone/ssl/private/signing_key.pem -outform PEM -nosmimecap -nodetach -nocerts -noattr

And the max nunmber of these processes is 195. Once these processes are createed,they will not be closed until I kill them. But when I test a single API or login from dashboard, there is no such process.

If I do not run keystone in apache,there is also no these processes.

That's Why?

edit retag flag offensive reopen merge delete

Closed for the following reason the question is answered, right answer was accepted by nethawk
close date 2013-12-23 20:25:42.840061

1 answer

Sort by ยป oldest newest most voted

answered 2013-12-23 20:25:13 -0600

nethawk gravatar image

Today,I have already know the reason of this question. Openssl is thread-unsafe,so I must start multi apache processes but sigle thread.

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2013-12-20 03:42:44 -0600

Seen: 108 times

Last updated: Dec 23 '13