c# - HTTPS connection timeout after disabling SSL v3.0 and switching to SHA 256 -
our server windows server 2012 iis 8.5 , run several web applications on it.
last week, disabled ssl v3.0 , implemented forward secrecy on our server poodle attack. , released new version of our web applications. cpu went 30%-40%(normally 10-20%). other that, things running smoothly.
this monday, renewed our certificates sha1 sha256 , had new certificates installed on our server. installation went fine , apps ran fine after that.
then things got ugly tuesday some of our clients not access our application via https. requests small js file cannot completed , timed out. errors net::err_timed_out returned in chrome. meanwhile, requests via http okay , completed fast.
the cpu went , down 10% 70%-80% , 10%. , server has plenty memory resource.
we not figure out why , restarted apps several times , didn't work.
so after while, we re-enabled ssl v3.0 , disabled forward secrecy , rebooted server.
finally went normal again, still don't know root cause.
all did disabling ssl v3.0, implementing forward secrecy , upgrading sha 256. of these cause connection timeout?
has encountered kind of issue? or have suggestion how pinpoint root cause , resolve issue?
any appreciated. thanks.
henry
i replied iis.net forum thread both tls 1.0 , sha-256 certificate have client compatibility issues (some clients/browsers fail support them).
in case, more data collection clients , dive failures can provide more insights.
hire security expert assist far best team, lack of skills.
Comments
Post a Comment