issue with ssl communication

I have a situation with SSL certificate. The setup works for multiple client boxes, but failed on one or two newly built machines.

A. calling startHandshake which explicitly begins handshakes, or

B. any attempt to read or write application data on this socket causes an implicit handshake, or

The software on the machine has implemented SSL behavior using B.

setUseClientMode is not used.

PrintStream.write is used to write data and a flush follows right after.

I believe there is something either blocking the write to complete, or the write takes a long time to process (ssl handshake etc.) The remote server does not allow enough time and closes the connection on the requested connection from clients.

[747 byte] By [AndyXa] at [2007-10-3 3:13:03]
# 1
Are you sure it's a time problem? Can you get the server to do SSL tracing? It's more likely to be an SSL issue, e.g. no protocols in common, no certs to match the negotiated protocols, no trusted cert, etc.
ejpa at 2007-7-14 21:04:01 > top of Java-index,Security,Java Secure Socket Extension (JSSE)...
# 2
There is no issue of certificate or other obvious setup related error. The implementation is cross platform, java client talking to c++/c# server. The ethereal captures delay in starting out the handshake which is initiated by java client sending first message to the socket.
AndyXa at 2007-7-14 21:04:01
# 3

Is it maybe a DNS problem? Can you ping the server from the affected client machines? By both IP address and hostname?

Behaviours A and B that you describe in your OP are both correct.

Is the delay happening before the first write packet from the client gets onto the network, or afterwards?

ejpa at 2007-7-14 21:04:01
# 4

it looks like ping was intentionally disabled.

the tcp/ip handshake happens:

syn

syn ack

ack

then there are cisco router spanning tree packets - no indication related to the pc running ssl

then remote server has a strict time out scheme to close socket.

the ssl certificate does not appear to be sent out

AndyXa at 2007-7-14 21:04:01
# 5
Can you set the system property java.net.debug=ssl,handshake at both client and server and show the results? or at least at the client?
ejpa at 2007-7-14 21:04:01
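
One way to separate the phases discussed in this thread (name resolution, TCP connect, SSL handshake) is to time each one and start the handshake explicitly with startHandshake rather than on the first write. This is an added example, not code from any poster; the class name, host, port and timeout values are placeholders.

```java
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;

// Added diagnostic sketch. Host, port and timeouts are placeholder assumptions.
// Run with -Djavax.net.debug=ssl,handshake to get the JSSE trace as well.
public class HandshakeTimer {
    static long ms(long startNanos) {
        return (System.nanoTime() - startNanos) / 1_000_000;
    }

    public static void main(String[] args) throws Exception {
        String host = args.length > 0 ? args[0] : "server.example";   // placeholder
        int port = args.length > 1 ? Integer.parseInt(args[1]) : 443; // placeholder

        // Phase 0: build the socket factory before connecting, so its setup
        // cost is measured but does not count against the server's timeout.
        long t = System.nanoTime();
        SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
        System.out.println("factory   " + ms(t) + " ms");

        // Phase 1: name resolution, timed on its own so a slow DNS lookup
        // is not mistaken for a slow handshake.
        t = System.nanoTime();
        InetAddress addr = InetAddress.getByName(host);
        System.out.println("resolve   " + ms(t) + " ms -> " + addr.getHostAddress());

        // Phase 2: plain TCP connect (syn, syn ack, ack) with a bounded wait.
        t = System.nanoTime();
        Socket tcp = new Socket();
        tcp.connect(new InetSocketAddress(addr, port), 5_000);
        System.out.println("connect   " + ms(t) + " ms");

        // Phase 3: layer SSL over the connected socket and handshake explicitly
        // (option A) instead of letting the first write trigger it (option B).
        try (SSLSocket ssl = (SSLSocket) factory.createSocket(tcp, host, port, true)) {
            ssl.setSoTimeout(10_000); // stalled reads raise SocketTimeoutException
            t = System.nanoTime();
            ssl.startHandshake();
            System.out.println("handshake " + ms(t) + " ms, "
                    + ssl.getSession().getProtocol() + " "
                    + ssl.getSession().getCipherSuite());
        }
    }
}
```

Comparing the four timings on a working client and on one of the failing machines shows which phase uses up the time before the server closes the connection.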