Bit of a "me too" here. Just today I noticed an issue whereby running a PHP web page that does LDAP queries across our WAN was hanging forever (not an SSL issue BTW - bad LDAP server). I hit the "Stop" button and tried reloading to have another go - and the browser's "swirly thing" swirled away forever - after ten minutes it was still going. A sniffer shows HTTPS traffic between my workstation and the server - but the server never attempted the second LDAP call - which makes me think the request never happened (i.e. something got stuck in SSL land)
In the end the only fix was to either kill the browser, or restart the httpd server. That was Mozilla 1.5 under Redhat 8 talking to Apache 1.3.27/mod_ssl-2.8.12-2 Timeout 300 KeepAliveTimeout 15 SSLSessionCache dbm:logs/ssl_scache SSLSessionCacheTimeout 300 > openssl s_client -connect HOST:PORT -reconnect That appears to work fine here too - I get the "reused" line... -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
