c# - HTTPS connection timeout after disabling SSL v3.0 and switching to SHA 256 -


our server windows server 2012 iis 8.5 , run several web applications on it.

last week, disabled ssl v3.0 , implemented forward secrecy on our server poodle attack. , released new version of our web applications. cpu went 30%-40%(normally 10-20%). other that, things running smoothly.

this monday, renewed our certificates sha1 sha256 , had new certificates installed on our server. installation went fine , apps ran fine after that.

then things got ugly tuesday some of our clients not access our application via https. requests small js file cannot completed , timed out. errors net::err_timed_out returned in chrome. meanwhile, requests via http okay , completed fast.

the cpu went , down 10% 70%-80% , 10%. , server has plenty memory resource.

we not figure out why , restarted apps several times , didn't work.

so after while, we re-enabled ssl v3.0 , disabled forward secrecy , rebooted server.

finally went normal again, still don't know root cause.

all did disabling ssl v3.0, implementing forward secrecy , upgrading sha 256. of these cause connection timeout?

has encountered kind of issue? or have suggestion how pinpoint root cause , resolve issue?

any appreciated. thanks.

henry

i replied iis.net forum thread both tls 1.0 , sha-256 certificate have client compatibility issues (some clients/browsers fail support them).

in case, more data collection clients , dive failures can provide more insights.

hire security expert assist far best team, lack of skills.


Comments

Popular posts from this blog

matlab - "Contour not rendered for non-finite ZData" -

delphi - Indy UDP Read Contents of Adata -

javascript - Any ideas when Firefox is likely to implement lengthAdjust and textLength? -