FTL Uses 100% CPU When Trying to Connect to HTTPS, Times Out

[CharAznableLoNZ]

Versions

Core version is v6.0.4 (Latest: v6.0.4)
Web version is v6.0.1 (Latest: v6.0.1)
FTL version is v6.0.3 (Latest: v6.0.3)

Platform

• OS and version: Ubuntu Server 24.04.2 LTS
• Platform: VM ESXI 1GB RAM, 1 4GHz core. 17GB available disk space.

Expected behavior

The HTTPS connection works. FTL does not use 100% CPU.
A clear and concise description of what you expected to happen.

Actual behavior / bug

The HTTPS connection times out. The entire time the browser is trying to connect, FTL uses 100% CPU.
A clear and concise description of what the bug is.

Steps to reproduce

Steps to reproduce the behavior:

1. Open https://pi.hole/
2. Connection times out.
3. See FTL using 100% CPU in htop

Debug Token

• URL: https://tricorder.pi-hole.net/VoPGNIsU/

Screenshots

Additional context

The HTTPS connection has never worked since upgrade to V6. HTTP still works just fine.
I thought it could be an certificate error so I signed my own web server certificate using my CA. The CA certificate is in the system ca-certificates store. It is used for all outbound https connections. Other servers I have that have their web servers certificates signed by this CA on this subnet work fine.
I have webserver.tls.cert set to /etc/pihole/webserver.pem. The pihole user is the owner of this file. The file contains the web server certificate and the private key as one file.

[PromoFaux]

Possibly related the the default webserver thread count...

Can you please try pihole checkout ftl tweak/webserver_threads ?

[CharAznableLoNZ]

That seems to have resolved it. I have taken a snapshot before applying this change. I am fine with waiting until this change makes it to the master branch. Should I revert this snapshot? Further would adding more cores to the VM be another way to resolve this? I figured a DNS forwarder would never need more than one but maybe multicore expectations on modern hardware says otherwise.
Core
Version is v6.0.4 (Latest: v6.0.4)
Branch is master
Hash is 567bb72 (Latest: 567bb72)
Web
Version is v6.0.1 (Latest: v6.0.1)
Branch is master
Hash is 42e7279a (Latest: 42e7279a)
FTL
Version is vDev-2aeccfb (Latest: null)
Branch is tweak/webserver_threads
Hash is 2aeccfb (Latest: 2aeccfb)

[PromoFaux]

Good stuff.

Further would adding more cores to the VM be another way to resolve this?

Potentially, while the DNS server itself doesn't need much - the web interface probably needs a little more. That said, we're effectively taking the threads of the webserver back to their default of 50 #2305

We initially set them low out of an abundance of caution - but it appears that we may have been being too cautious.

More discussion here #2284

If you like, you can switch back to master (pihole checkout ftl master) and then set the config webserver.threads to 50. It will have the same effect - I just wanted a guinea pig to make sure the new branch worked ;)

[CharAznableLoNZ]

Thank you for the quick help. I will set the webserver.threads setting and switch back to the master branch. Should I leave this ticket open or close it? You can do so if you like.

[DL6ER]

I will close it as this is resolved and will not affect future users after #2305