11-20-2003 09:49 AM
Many of our customers complain about interrupted SSL sessions, when using MSIE 5.01 or above via a proxy server (e.g. SQUID, ISA). Mainly it seems to happen on POST operations.
Until now we found two workarounds:
- A working solution is to use MSIE and bypassing the proxy server.
- Everything is fine too, when using a Mozilla browser via a proxy server.
But, in most cases our customers are not able to use these workarounds.
On our side we are running an Apache 2.0 server, which is behind a CSS11503 box (S/W version 7.20 Build 104).
We defined the following content rule:
content www.exportservice.at_https
application ssl
add service www.exportservice.at_https_1
add service www.exportservice.at_https_2
vip address 143.245.6.23
balance srcip
protocol tcp
port 443
url "/*"
advanced-balance sticky-srcip
sticky-mask 255.255.254.0
active
As I read in some forum articles MSIE may cause problems with SSL stickyness. Therefore we use srcip stickyness. But it doesn´t help.
Do you have any idea, what we can do to offer stable services to our customers?
I would be glad to get any hints to solve our problem.
Best regards
Franz
11-26-2003 09:16 AM
11-26-2003 09:33 AM
Could you describe the symptoms the clients are experiencing...what do you mean by interrupted SSL sessions.
If they are getting 404 errors after periods of inactivity, you can fix this with keepalive settings on the apache server and adjusting the apache keepalive timers.....btw, IIS uses a keepalive timer of 900 seconds, apache uses a default of 90 seconds
11-28-2003 06:53 AM
Franz, since u claim, that ur customers are already using IE 5.01, then this link will not be of much help to you.
However, go thru this and see if you can get anymore further with this issue.
http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q265369&ID=KB;EN-US;Q265369
regards
Krish...
Cisco TAC
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide