On Fri, Nov 4, 2011 at 7:23 AM, Kimmo Karlsson <[email protected]>wrote:
> Hi All, > > I have ATS as a reverse proxy with SSL termination. Otherwise everything > works just fine, but when I connect to ATS with Chrome over HTTPS, I get a > connection timeout on the first attempt. After clicking "reload" it works. > (Plain HTTP also works fine.) I searched the web for Chrome -related HTTPS > problems and found out about "SSL false start". I then started Chrome (v15) > with "--disable-ssl-false-start" command-line parameter and got no > connection timeouts. I got no timeouts on Firefox7 and IE9, either. > > Has anybody else had similar problems? Is there some configuration option > in ATS that I missed? Are there actually problems with SSL false start > -support in ATS or is this something else? > > I have compiled ATS-3.0.1 with OpenSSL-1.0.0d, but the system also has an > older version of libssl, if that makes any difference. > > There isn't support for false start in openssl as yet. If you want to hand roll support, check out the link below. http://technotes.googlecode.com/git-history/3bea6d3d226c878577c0d520784e14f2c8efbe1c/openssl-1.0.0d-falsestart.patch Sridhar
