I recently moved from manually configured Puppetmaster under passenger to fully managed using theforeman/puppet module. Now I am experiencing constant crashes (every few minutes) of the passenger process that runs the puppetmaster. Host is CentOS 6.5 running Puppet 3.4.3. This is the entry I see in /var/log/httpd/puppet_error_ssl.log: [Tue Mar 25 16:25:26 2014] [error] [client 127.0.0.1] Premature end of script headers: production This is the entry I see in /var/log/httpd/error_log /usr/lib/ruby/site_ruby/1.8/puppet/parser/ast.rb:49: [BUG] rb_gc_mark(): unknown data type 0x20(0x2e6b230) non object ruby 1.8.7 (2011-06-30 patchlevel 352) [x86_64-linux] [ pid=28256 thr=139906534451168 file=ext/apache2/Hooks.cpp:841 time=2014-03-25 16:25:26.86 ]: The backend application (process 32724) did not send a valid HTTP response; instead, it sent nothing at all. It is possible that it has crashed; please check whe. /etc/httpd/conf.d/passenger.conf: LoadModule passenger_module modules/mod_passenger.so <IfModule mod_passenger.c> PassengerRoot /usr/lib/ruby/gems/1.8/gems/passenger-3.0.19 PassengerRuby /usr/bin/ruby PassengerTempDir /var/run/rubygem-passenger </IfModule> /etc/httpd/conf.d/25-puppet.conf # ************************************ # Vhost template in module puppetlabs-apache # Managed by Puppet # ************************************ <VirtualHost *:8140> ServerName puppet ## Vhost docroot DocumentRoot "/etc/puppet/rack/public/" ## Directories, there should at least be a declaration for /etc/puppet/rack/public/ <Directory "/etc/puppet/rack/public/"> AllowOverride None Order allow,deny Allow from all PassengerEnabled On </Directory> ## Load additional static includes ## Logging ErrorLog "/var/log/httpd/puppet_error_ssl.log" ServerSignature Off CustomLog "/var/log/httpd/puppet_access_ssl.log" combined ## SSL directives SSLEngine on SSLCertificateFile "/var/lib/puppet/ssl/certs/puppet.<DOMAIN>.pem" SSLCertificateKeyFile "/var/lib/puppet/ssl/private_keys/puppet.<DOMAIN>.pem" SSLCertificateChainFile "/var/lib/puppet/ssl/ca/ca_crt.pem" SSLCACertificatePath "/etc/pki/tls/certs" SSLCACertificateFile "/var/lib/puppet/ssl/ca/ca_crt.pem" SSLCARevocationFile "/var/lib/puppet/ssl/ca/ca_crl.pem" SSLProtocol -ALL +SSLv3 +TLSv1 SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP SSLVerifyClient optional SSLVerifyDepth 1 SSLOptions +StdEnvVars +ExportCertData ## Request header rules ## as per http://httpd.apache.org/docs/2.2/mod/mod_headers.html#requestheader RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e RequestHeader unset X-Forwarded-For ## Custom fragment </VirtualHost> Any suggestions or means to work around this issue? Thanks - Trey -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/570ab513-d4e3-4c42-9481-c53ac49e2845%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.