Lighttpd

The options described on https://redmine.lighttpd.net/projects/lighttpd/wiki/Server_stream-request-bodyDetails may help.

I used server.stream-request-body = 2 and ssl.read-ahead = "disable" but still error comes. I used server.stream-request-body = 1 also, but error could not be successful.

You missed including some of the most basic information in your post, including the lighttpd version you are running.
See How to get support
Did this previously work for you on your embedded system? If so, what changed? The size of the firmware image?

Your lighttpd.conf uses mod_usertrack, which is no longer part of lighttpd. For replacement, see lua mod_usertrack

Your lighttpd.conf and lighttpd version are likely very old since you do not specify the TLS module to use, and since lighttpd 1.4.56, lighttpd has provided TLS modules aimed at embedded systems with small memory, e.g. mod_mbedtls and mod_wolfssl. See Docs_SSL.

You should test with modern versions of lighttpd, which are better at keeping memory use smaller than older lighttpd, and you should test with lighttpd mod_mbedtls or lighttpd mod_wolfssl rather than the default lighttpd mod_openssl (which prior to lighttpd 1.4.56 was the only TLS option in lighttpd).

See also Docs_ResourceTuning and Docs_Performance.
server.max-fds = 128
server.max-connections = 16

BTW, you no longer need to specify mimetype.assign in lighttpd.conf (with modern lighttpd versions) to get a default set of web media types.

Hi,

My lighttpd version is 1.4.35.
Size of Firmware - 16MB
After enabling HTTPS section, I get out of memory error and firmware fails to update. With HTTP I can update firmware easily from web page.
Using TFTPD64 software also, Firmware gets updated but not the after enabling HTTPS, OOM error appears.
As lighttpd version is 1.4.35 so I tried also adding TLS using following settings

$SERVER["socket"] == ":443" {
ssl.engine="enable" 
ssl.pemfile="/var/tmp/lighttpd.pem" 
ssl.use-sslv2="disable" 
ssl.use-sslv3="disable" 
#ssl.cipher-list="ECDHE-RSA-AES128-GCM-SHA256:AES128-SHA256:AES128:!aNULL:!eNU
# Strong SSL/TLS settings
ssl.openssl.ssl-conf-cmd = (
    "MinProtocol" => "TLSv1.2",
    "CipherString" => "HIGH:!aNULL:!MD5",
    "Options" => "-UnsafeLegacyRenegotiation" 
    )
}

browser I use is Microsoft edge,
Linux Distro version-> Linux IP211 3.4.17up

lighttpd 1.4.35 was released Mar 2014, almost 11 years ago. The latest lighttpd is 1.4.77.

You are 42 lighttpd releases out-of-date.

You still have not posted what version of OpenSSL you are using, but if you're using lighttpd 1.4.35, you're also likely using out-of-date TLS software.

How to solve out of memory error during firmware Upgrade?

The answer to your problems is to upgrade to a modern lighttpd release and to use up-to-date TLS libraries, preferably mbedtls or wolfssl, which are aimed at embedded systems.

FYI: server.stream-request-body = 2 was not added to lighttpd until lighttpd 1.4.40, so you obviously have not followed the directions on How to get support, tested your lighttpd.conf syntax, and reviewed the warnings.

Linux Distro version-> Linux IP211 3.4.17up

I do not recognize that distro. That looks like a product ID. Please contact your vendor and upgrade the software.

• I have two types of firmware one is with HTTPS support and one is with HTTP only
  with HTTPS support-
  

  / # df -h
  Filesystem                Size      Used Available Use% Mounted on
  /dev/mtdblock1           12.5M     12.5M         0 100% /home/user
  /dev/mtdblock2          128.0K    128.0K         0 100% /etc/config/flash/default
  /dev/mtdblock3          768.0K    232.0K    536.0K  30% /etc/config/flash/current
  
  

With HTTP support-

/ # df -h
Filesystem                Size      Used Available Use% Mounted on
/dev/mtdblock1           11.9M     11.9M         0 100% /home/user
/dev/mtdblock2          128.0K    128.0K         0 100% /etc/config/flash/default
/dev/mtdblock3            1.4M    228.0K      1.2M  15% /etc/config/flash/current

with this TFTPD, only I can update HTTPS based firmware.
As you suggest migrating to newer version is the solution, but I want to know if support available for this kernel Linux 3.4.17 with newer Lighttpd versions?

As you suggest migrating to newer version is the solution, but I want to know if support available for this kernel Linux 3.4.17 with newer Lighttpd versions?

While I do not test lighttpd with ancient kernels, modern lighttpd should work out-of-the-box with old kernels, though might need a few minor tweaks to the code. Yes, I can help with a few minor tweaks if there are compilation errors. Yes, modern lighttpd works with older versions of openssl, but again, that is not tested. And again, a TLS library such as mbedtls or wolfssl, aimed at embedded systems is recommended for embedded systems.

I can not speak for openssl versions running on your old kernel. OpenSSL 1.0.1 is so, so, so old that it is not even listed on https://endoflife.date/openssl for end-of-life. It reached end-of-life well over 5 years ago. Depending on the CPU power of the device, you might have to choose to use weaker ciphers, such as *_CCM. Note: you will not find support for your TLS questions here, though your company can ask to pay me as a consultant for such support.