Using:
PHP 5.5.10
nginx 1.5.10
Centos 6.5
a xen-based 4GB VPS
My site uses encrypted paypal buttons. This encryption is done by the following code:
$openssl_cmd = "($OPENSSL smime -sign -signer $MY_CERT_FILE -inkey $MY_KEY_FILE " .
"-outform der -nodetach -binary <<_EOF_\n$data\n_EOF_\n) | " .
"$OPENSSL smime -encrypt -des3 -binary -outform pem $PAYPAL_CERT_FILE";
exec($openssl_cmd, $output, $error);
A couple of times now (a few days apart) the buttons have started to fail to encode. If I run "service php-fpm restart" then everything is fine again.
This is the error given:
PHP Warning: exec(): Unable to fork [(/usr/bin/openssl smime -sign
-signer /var/www/my-pubcert.pem -inkey /var/www/my-prvkey.pem -outform der
-nodetach -binary <datasnipped>) | /usr/bin/openssl smime -encrypt -des3
-binary -outform pem /var/www/paypal_cert.pem]
Once it happens it seems to happen constantly until I restart php-fpm.
Any ideas what route I should go down to debug/fix this?
Thanks
Best Answer
Most likely the PHP processes start using a lot of memory at some point (you can check that in top, press M to sort the processes by memory). Try setting "pm.max_requests = 100" or, anyway, a much lower value of what you have now (or, around 100 or so if it is 0, which means infinite).
By the way, a much better approach to your encryption would be to use the PHP OpenSSL library rather than executing the command line interface of OpenSSL.
Edit:
At your request (even if it is partially off-topic), you can find documentation and example code for the 2 OpenSSL functions in PHP here and here. You may need to recompile PHP with OpenSSL support or install the required module (normally it should have it built in).