07-05-2006 05:27 AM - edited 03-09-2019 03:29 PM
Hi: I am some troubleshooting application issues at the SSL layer. Based on some known IE bugs and Cisco workarounds for the Content Switch with SSL accelerator, we are planning to disable the
functionality where the content switch does not send SSL Closure alerts.
Wondering if anyone out there have any thoughts on if this (disabling SSL Closure Alerts at server) will have any impacts and/or if there are any security vulnerabilities?
Thanks
Ravi
Solved! Go to Solution.
07-11-2006 06:22 AM
For the CSM = "close-protocol none" tells the SSL module not
to send the SSL close-notify alert while closing the connection.
One of the ramifications of this could be that client IE browser might
not negotiate the resumed SSL session for the subsequent ssl
conenction..
This does not harm the functionality, might result in degraded
performance since SSL module will have to establish more new sessions
instead of resumed session.
07-11-2006 06:22 AM
For the CSM = "close-protocol none" tells the SSL module not
to send the SSL close-notify alert while closing the connection.
One of the ramifications of this could be that client IE browser might
not negotiate the resumed SSL session for the subsequent ssl
conenction..
This does not harm the functionality, might result in degraded
performance since SSL module will have to establish more new sessions
instead of resumed session.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide