I've have these parameters multiple times.
ns_param SockServerProtocols "SSLv2, SSLv3, TLSv1"
ns_param SockServerCipherSuite
"ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP"
ns_section "ns/server/${server}/module/nsopenssl/sslcontext/users"
ns_param Protocols "SSLv3, TLSv1"
ns_param CipherSuite
"ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP"
ns_section "ns/server/${server}/module/nsopenssl/sslcontext/client"
ns_param Protocols "SSLv2, SSLv3, TLSv1"
ns_param CipherSuite
"ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP"
-----Original Message-----
From: AOLserver Discussion [mailto:[EMAIL PROTECTED] On Behalf
Of Dossy Shiobara
Sent: Friday, January 26, 2007 10:35 AM
To: [email protected]
Subject: Re: [AOLSERVER] SSL read error: bad write retry
On 2007.01.26, Alex Kroman <[EMAIL PROTECTED]> wrote:
> I had Siege connect to my development server 50,000 times and did not
> receive the bad write retry once. While clicking around the site with
> Siege active I still got the "bad write retry" and a blank page in
> about
> 75 clicks. This is a similar result to what I would get when my
> development server is not under load.
I smell SSLv2 at play here. I bet Firefox is using TLS or SSLv3, while
IE is still using SSLv2.
What do your "protocols" and "ciphersuite" ns_param's look like in your
nsopenssl config?
-- Dossy
--
Dossy Shiobara | [EMAIL PROTECTED] | http://dossy.org/
Panoptic Computer Network | http://panoptic.com/
"He realized the fastest way to change is to laugh at your own
folly -- then you can let go and quickly move on." (p. 70)
--
AOLserver - http://www.aolserver.com/
To Remove yourself from this list, simply send an email to
<[EMAIL PROTECTED]> with the body of "SIGNOFF AOLSERVER" in the
email message. You can leave the Subject: field of your email blank.
--
AOLserver - http://www.aolserver.com/
To Remove yourself from this list, simply send an email to <[EMAIL PROTECTED]>
with the
body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject:
field of your email blank.
