Invalid SSL configuration causes memory leak in WebSEAL Process

Invalid SSL configuration causes memory leak in WebSEAL Process

If we are using LDAP replicas with SSL connections and have configured the LDAP stanza of the WebSEAL configuration to not use SSL, a memory leak condition occurs.

Symptom

Memory increases on the WebSEAL process that requires the WebSEAL process to be restarted or if it is left running, it eventually restarts with an OOM crash condition.

Cause

When we are configuring LDAP stanza of webseal.conf:
ssl-enabled = no With a combination of LDAP replicas configured for SSL in the ldap.conf file:
replica = <ldap_hostname>,636 ,readwrite,4 replica = <ldap_hostname>,636 ,readwrite,3 replica = <ldap_hostname>,636,readwrite,2
Port 636 is an LDAP SSL port.
Resolving the Problem

When we are configuring the LDAP stanza of webseal.conf:
ssl-enabled = yes

Parent topic: Troubleshoot on the appliance