Why do you think it is a problem? IE tends to do things differently than
Netscape ;). For a number of reasons, IE will close a connection after the
handshake, and then reconnect. It shouldn't cause any problems.
====================
Greg Stark
[EMAIL PROTECTED]
====================
----- Original Message -----
From: "ganesh kumar godavari" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Monday, August 27, 2001 8:21 PM
Subject: problems with connection
hai everyone,
i donot know why my previous message has been ignored. i think i have not
provided sufficient information. so i am providing some more additional
information.
i have created the certificates(using openssl) and signed them myself.i used
ssldump to verify my ssl handshake information using Netscape and IE when a
request is being sent to my ssl server.
i found
#when a request is sent through I.E ssl handshake is being performed. then
the client is closing the connection and reestablishing a new connection and
this time it is succesful more over it is asking for session resumption. (i
understand that the client should close the connection abruptly when it
finds that the server does not support strong ciphers or when it cannot
trust the client -- please correct me if i am wrong). this problem is
causing me a large overhead when ever i get request from I.E, as i am
creating a new process for every request.
i am not facing this problem with netscape. can any one tell me how i can
overcome the problem? i am currently using *SSLv23_server_method* methods.
any pointers would be greatly appreciated.
i am enclosing a copy of the ssldump.
thanks in advance
ganesh
*i am using external session caching to perform session handling with a time
out of 10 sec. 5'th request was from I.E(u notice that the connection was
closed abruptly and it established a new connection i.e request-no 6 which
is succesfull. all other requests are send using Netscape)*
***************ssldump details***********************
New TCP connection #1: dilbert.uccs.edu(3433) <-> oblib.uccs.edu(443)
1 1 0.0126 (0.0126) C>S SSLv2 compatible client hello
Version 3.1
cipher suites
SSL2_CK_RC4
SSL2_CK_3DES
SSL2_CK_RC2
SSL2_CK_DES
SSL2_CK_RC4_EXPORT40
SSL2_CK_RC2_EXPORT40
TLS_RSA_WITH_RC4_128_MD5
Unknown value 0xfeff
TLS_RSA_WITH_3DES_EDE_CBC_SHA
Unknown value 0xfefe
TLS_RSA_WITH_DES_CBC_SHA
TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
TLS_RSA_EXPORT_WITH_RC4_40_MD5
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
1 2 0.0137 (0.0010) S>C Handshake
ServerHello
Version 3.1
session_id[32]=
bf 67 3d d8 51 a8 ec 1d a7 72 0e 59 ce 52 95 3f
34 75 a8 d3 da ec 62 f0 bf 31 c1 25 bc 20 3d 08
cipherSuite TLS_RSA_WITH_RC4_128_MD5
compressionMethod NULL
1 3 0.1905 (0.1768) S>C Handshake
Certificate
1 4 0.1905 (0.0000) S>C Handshake
ServerHelloDone
1 5 2.8011 (2.6105) C>S Handshake
ClientKeyExchange
1 6 2.8011 (0.0000) C>S ChangeCipherSpec
1 7 2.8011 (0.0000) C>S Handshake
1 8 2.8167 (0.0156) S>C ChangeCipherSpec
1 9 2.8167 (0.0000) S>C Handshake
1 10 2.8177 (0.0010) C>S application_data
1 11 2.8381 (0.0204) C>S application_data
1 12 2.9043 (0.0661) S>C application_data
1 13 2.9098 (0.0055) S>C application_data
1 14 2.9098 (0.0000) S>C application_data
1 15 2.9098 (0.0000) S>C application_data
1 16 2.9098 (0.0000) S>C application_data
1 17 2.9098 (0.0000) S>C application_data
1 18 2.9098 (0.0000) S>C application_data
1 2.9098 (0.0000) S>C TCP FIN
1 19 2.9805 (0.0706) C>S Alert
1 2.9805 (0.0000) C>S TCP FIN
New TCP connection #2: dilbert.uccs.edu(3434) <-> oblib.uccs.edu(443)
2 1 0.0184 (0.0184) C>S Handshake
ClientHello
Version 3.1
resume [32]=
bf 67 3d d8 51 a8 ec 1d a7 72 0e 59 ce 52 95 3f
34 75 a8 d3 da ec 62 f0 bf 31 c1 25 bc 20 3d 08
cipher suites
TLS_RSA_WITH_RC4_128_MD5
Unknown value 0xfeff
TLS_RSA_WITH_3DES_EDE_CBC_SHA
Unknown value 0xfefe
TLS_RSA_WITH_DES_CBC_SHA
TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
TLS_RSA_EXPORT_WITH_RC4_40_MD5
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
compression methods
NULL
2 2 0.0536 (0.0351) S>C Handshake
ServerHello
Version 3.1
session_id[32]=
bf 67 3d d8 51 a8 ec 1d a7 72 0e 59 ce 52 95 3f
34 75 a8 d3 da ec 62 f0 bf 31 c1 25 bc 20 3d 08
cipherSuite TLS_RSA_WITH_RC4_128_MD5
compressionMethod NULL
2 3 0.0536 (0.0000) S>C ChangeCipherSpec
2 4 0.0536 (0.0000) S>C Handshake
2 5 0.0553 (0.0016) C>S ChangeCipherSpec
2 6 0.0553 (0.0000) C>S Handshake
2 7 0.0553 (0.0000) C>S application_data
2 8 0.0754 (0.0201) C>S application_data
2 9 0.1239 (0.0485) S>C application_data
2 10 0.1291 (0.0052) S>C application_data
2 11 0.1291 (0.0000) S>C application_data
2 12 0.1291 (0.0000) S>C application_data
2 13 0.1291 (0.0000) S>C application_data
2 14 0.1291 (0.0000) S>C application_data
2 15 0.1291 (0.0000) S>C application_data
2 0.1291 (0.0000) S>C TCP FIN
2 16 0.1948 (0.0656) C>S Alert
2 0.1949 (0.0001) C>S TCP FIN
New TCP connection #3: dilbert.uccs.edu(3435) <-> oblib.uccs.edu(443)
3 1 0.0077 (0.0077) C>S Handshake
ClientHello
Version 3.1
resume [32]=
bf 67 3d d8 51 a8 ec 1d a7 72 0e 59 ce 52 95 3f
34 75 a8 d3 da ec 62 f0 bf 31 c1 25 bc 20 3d 08
cipher suites
TLS_RSA_WITH_RC4_128_MD5
Unknown value 0xfeff
TLS_RSA_WITH_3DES_EDE_CBC_SHA
Unknown value 0xfefe
TLS_RSA_WITH_DES_CBC_SHA
TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
TLS_RSA_EXPORT_WITH_RC4_40_MD5
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
compression methods
NULL
3 2 0.0425 (0.0347) S>C Handshake
ServerHello
Version 3.1
session_id[32]=
bf 67 3d d8 51 a8 ec 1d a7 72 0e 59 ce 52 95 3f
34 75 a8 d3 da ec 62 f0 bf 31 c1 25 bc 20 3d 08
cipherSuite TLS_RSA_WITH_RC4_128_MD5
compressionMethod NULL
3 3 0.0425 (0.0000) S>C ChangeCipherSpec
3 4 0.0425 (0.0000) S>C Handshake
3 5 0.0444 (0.0018) C>S ChangeCipherSpec
3 6 0.0444 (0.0000) C>S Handshake
3 7 0.0444 (0.0000) C>S application_data
3 8 0.0585 (0.0140) C>S application_data
3 9 0.1068 (0.0483) S>C application_data
3 10 0.1123 (0.0054) S>C application_data
3 11 0.1123 (0.0000) S>C application_data
3 12 0.1123 (0.0000) S>C application_data
3 13 0.1123 (0.0000) S>C application_data
3 14 0.1123 (0.0000) S>C application_data
3 15 0.1123 (0.0000) S>C application_data
3 0.1123 (0.0000) S>C TCP FIN
3 16 0.1772 (0.0648) C>S Alert
3 0.1772 (0.0000) C>S TCP FIN
New TCP connection #4: dilbert.uccs.edu(3436) <-> oblib.uccs.edu(443)
4 1 0.0287 (0.0287) C>S Handshake
ClientHello
Version 3.1
resume [32]=
bf 67 3d d8 51 a8 ec 1d a7 72 0e 59 ce 52 95 3f
34 75 a8 d3 da ec 62 f0 bf 31 c1 25 bc 20 3d 08
cipher suites
TLS_RSA_WITH_RC4_128_MD5
Unknown value 0xfeff
TLS_RSA_WITH_3DES_EDE_CBC_SHA
Unknown value 0xfefe
TLS_RSA_WITH_DES_CBC_SHA
TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
TLS_RSA_EXPORT_WITH_RC4_40_MD5
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
compression methods
NULL
4 2 0.0648 (0.0360) S>C Handshake
ServerHello
Version 3.1
session_id[32]=
5b e2 9e cf 68 b3 39 e7 bb b8 cf 55 ec 66 85 19
c9 a1 64 87 4c ec 34 c2 3e 09 97 0d fc 6b a6 04
cipherSuite TLS_RSA_WITH_RC4_128_MD5
compressionMethod NULL
4 3 0.1924 (0.1275) S>C Handshake
Certificate
4 4 0.1924 (0.0000) S>C Handshake
ServerHelloDone
4 5 0.1952 (0.0027) C>S Handshake
ClientKeyExchange
4 6 0.1952 (0.0000) C>S ChangeCipherSpec
4 7 0.1952 (0.0000) C>S Handshake
4 8 0.2106 (0.0154) S>C ChangeCipherSpec
4 9 0.2106 (0.0000) S>C Handshake
4 10 0.2115 (0.0008) C>S application_data
4 11 0.2250 (0.0134) C>S application_data
4 12 0.2796 (0.0546) S>C application_data
4 13 0.2851 (0.0054) S>C application_data
4 14 0.2851 (0.0000) S>C application_data
4 15 0.2851 (0.0000) S>C application_data
4 16 0.2851 (0.0000) S>C application_data
4 17 0.2851 (0.0000) S>C application_data
4 18 0.2851 (0.0000) S>C application_data
4 0.2851 (0.0000) S>C TCP FIN
4 19 0.3492 (0.0641) C>S Alert
4 0.3493 (0.0000) C>S TCP FIN
New TCP connection #5: dilbert.uccs.edu(3439) <-> oblib.uccs.edu(443)
5 1 0.0874 (0.0874) C>S SSLv2 compatible client hello
Version 3.0
cipher suites
SSL_RSA_WITH_RC4_128_MD5
SSL_RSA_WITH_RC4_128_SHA
SSL_RSA_WITH_3DES_EDE_CBC_SHA
SSL2_CK_RC4
SSL2_CK_3DES
SSL2_CK_RC2
SSL_RSA_WITH_DES_CBC_SHA
SSL2_CK_DES
SSL_RSA_EXPORT1024_WITH_RC4_56_SHA
SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA
SSL_RSA_EXPORT_WITH_RC4_40_MD5
SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5
SSL2_CK_RC4_EXPORT40
SSL2_CK_RC2_EXPORT40
5 2 0.0885 (0.0010) S>C Handshake
ServerHello
Version 3.0
session_id[32]=
7b e8 73 04 17 12 d0 fe ae 51 4c 0b a9 c5 80 82
6f aa a6 ad 21 4b 42 40 b4 d7 24 29 65 e5 29 ad
cipherSuite SSL_RSA_WITH_RC4_128_MD5
compressionMethod NULL
5 3 0.2418 (0.1533) S>C Handshake
Certificate
5 4 0.2418 (0.0000) S>C Handshake
ServerHelloDone
5 5 0.2449 (0.0030) C>S Handshake
ClientKeyExchange
5 6 0.2449 (0.0000) C>S ChangeCipherSpec
5 7 0.2449 (0.0000) C>S Handshake
5 8 0.2603 (0.0154) S>C ChangeCipherSpec
5 9 0.2603 (0.0000) S>C Handshake
5 0.3200 (0.0596) C>S TCP FIN
5 0.3201 (0.0001) S>C TCP FIN
New TCP connection #6: dilbert.uccs.edu(3440) <-> oblib.uccs.edu(443)
6 1 0.0008 (0.0008) C>S Handshake
ClientHello
Version 3.0
resume [32]=
7b e8 73 04 17 12 d0 fe ae 51 4c 0b a9 c5 80 82
6f aa a6 ad 21 4b 42 40 b4 d7 24 29 65 e5 29 ad
cipher suites
SSL_RSA_WITH_RC4_128_MD5
SSL_RSA_WITH_RC4_128_SHA
SSL_RSA_WITH_3DES_EDE_CBC_SHA
SSL_RSA_WITH_DES_CBC_SHA
SSL_RSA_EXPORT1024_WITH_RC4_56_SHA
SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA
SSL_RSA_EXPORT_WITH_RC4_40_MD5
SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5
compression methods
NULL
6 2 0.0404 (0.0396) S>C Handshake
ServerHello
Version 3.0
session_id[32]=
7b e8 73 04 17 12 d0 fe ae 51 4c 0b a9 c5 80 82
6f aa a6 ad 21 4b 42 40 b4 d7 24 29 65 e5 29 ad
cipherSuite SSL_RSA_WITH_RC4_128_MD5
compressionMethod NULL
6 3 0.0404 (0.0000) S>C ChangeCipherSpec
6 4 0.0404 (0.0000) S>C Handshake
6 5 0.0410 (0.0005) C>S ChangeCipherSpec
6 6 0.0410 (0.0000) C>S Handshake
6 7 0.0420 (0.0010) C>S application_data
6 8 0.0422 (0.0001) C>S application_data
6 9 0.0908 (0.0486) S>C application_data
6 10 0.0963 (0.0054) S>C application_data
6 11 0.0963 (0.0000) S>C application_data
6 12 0.0963 (0.0000) S>C application_data
6 13 0.0963 (0.0000) S>C application_data
6 14 0.0963 (0.0000) S>C application_data
6 15 0.0963 (0.0000) S>C application_data
6 0.0963 (0.0000) S>C TCP FIN
6 0.0995 (0.0031) C>S TCP FIN
New TCP connection #7: dilbert.uccs.edu(3443) <-> oblib.uccs.edu(443)
7 1 0.0183 (0.0183) C>S Handshake
ClientHello
Version 3.1
resume [32]=
5b e2 9e cf 68 b3 39 e7 bb b8 cf 55 ec 66 85 19
c9 a1 64 87 4c ec 34 c2 3e 09 97 0d fc 6b a6 04
cipher suites
TLS_RSA_WITH_RC4_128_MD5
Unknown value 0xfeff
TLS_RSA_WITH_3DES_EDE_CBC_SHA
Unknown value 0xfefe
TLS_RSA_WITH_DES_CBC_SHA
TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
TLS_RSA_EXPORT_WITH_RC4_40_MD5
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
compression methods
NULL
7 2 0.0532 (0.0348) S>C Handshake
ServerHello
Version 3.1
session_id[32]=
28 8d 5e a1 fd ef 78 68 9e aa 6b e5 6b c7 33 86
fa c3 de 88 99 f6 8a 07 70 c5 6c 21 dd 8b 54 cc
cipherSuite TLS_RSA_WITH_RC4_128_MD5
compressionMethod NULL
7 3 0.1898 (0.1365) S>C Handshake
Certificate
7 4 0.1898 (0.0000) S>C Handshake
ServerHelloDone
7 5 0.1925 (0.0027) C>S Handshake
ClientKeyExchange
7 6 0.1925 (0.0000) C>S ChangeCipherSpec
7 7 0.1925 (0.0000) C>S Handshake
7 8 0.2081 (0.0155) S>C ChangeCipherSpec
7 9 0.2081 (0.0000) S>C Handshake
7 10 0.2089 (0.0008) C>S application_data
7 11 0.2274 (0.0184) C>S application_data
7 12 0.2773 (0.0499) S>C application_data
7 13 0.2826 (0.0052) S>C application_data
7 14 0.2826 (0.0000) S>C application_data
7 15 0.2826 (0.0000) S>C application_data
7 16 0.2826 (0.0000) S>C application_data
7 17 0.2826 (0.0000) S>C application_data
7 18 0.2826 (0.0000) S>C application_data
7 0.2826 (0.0000) S>C TCP FIN
7 19 0.3475 (0.0648) C>S Alert
7 0.3475 (0.0000) C>S TCP FIN
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]