Warning: I have found a strange reason behind this behavior. The question below is obsolete. This is actually the followup for the gory particulars.


Setup:

  • A production server running SuSE Enterprise 11 and my Django 1.1 application.
  • The applying has been offered with Apache (mod_wsgi) over HTTPS with client certificates (SSLVerifyClient require).
  • Tests are done in the same box by visiting the particular IP from the server, i.e. you will find no proxies among.
  • No caching modules in Apache are installed (listed here are active: alias dir env expires headers include log_config mime rewrite setenvif ssl authz_host proxy proxy_http proxy_connect (no configuration of these three) unique_id wsgi).

The particular problem:

  • A particular page (military services weapons image) creates a 500 error rather than 404 under certain conditions (due to Django, there's always a 302 redirect first to include a trailing slash).
  • It's in some way certificate-dependant: most client certificates always obtain a 404, however, many don't. Certificates happen to be in comparison with no difference found.
  • Whenever a "Cache-control: no-cache" is distributed towards the server, no 500 is came back, but an effective 404 rather.
  • All of this happens only on a single server, test servers don't expose this issue despite the fact that the program is mainly identical.

To reiterate:

  • "Good" client certificate = always 302 + 404
  • "Bad" client certificate + "Cache-control: no-cache" = always 302 + 404
  • "Bad" client certificate without cache control = always 302 + 500.

Any ideas?

PS: If this sounds like more appropriate for ServerFault, please move it or leave a notice that i can request this there.

Information as asked for by commenters

  • If this 500 error happens, I am obtaining a Request origin could not be validated. from mod_wsgi within the logs, which, based on the author of mod_wsgi really shouldn't happen, ever.