I would be really grateful if someone could help me out with this problem. There appears to be a very high time between my client and server in transferring data.
The log shows the following:
2009.06.02 12:32:59 LOG5[5824:5516]: TS3_GPRS accepted connection from 193.35.132.231:45050 2009.06.02 12:32:59 LOG7[5824:5516]: SSL state (accept): before/accept initialization 2009.06.02 12:32:59 LOG7[5824:5516]: SSL state (accept): SSLv3 read client hello A 2009.06.02 12:32:59 LOG7[5824:5516]: SSL state (accept): SSLv3 write server hello A 2009.06.02 12:32:59 LOG7[5824:5516]: SSL state (accept): SSLv3 write certificate A 2009.06.02 12:32:59 LOG7[5824:5516]: SSL state (accept): SSLv3 write certificate request A 2009.06.02 12:32:59 LOG7[5824:5516]: SSL state (accept): SSLv3 flush data 2009.06.02 12:33:09 LOG5[5824:5516]: CRL: verification passed 2009.06.02 12:33:09 LOG5[5824:5516]: VERIFY OK: depth=1, /C=UK/ST=Fife/L=Dunfermline/O=TS3 Services Ltd/OU=Infrastructure/CN=TS3 Services Ltd/emailAddress=helpdesk@ts3services.co.uk 2009.06.02 12:33:09 LOG5[5824:5516]: CRL: verification passed 2009.06.02 12:33:09 LOG5[5824:5516]: VERIFY OK: depth=0, /C=UK/ST=Fife/O=TS3 Services Ltd/OU=Terminal/CN=TS3 Services Ltd/emailAddress=helpdesk@ts3services.co.uk 2009.06.02 12:33:09 LOG7[5824:5516]: SSL state (accept): SSLv3 read client certificate A 2009.06.02 12:33:09 LOG7[5824:5516]: SSL state (accept): SSLv3 read client key exchange A 2009.06.02 12:33:09 LOG7[5824:5516]: SSL state (accept): SSLv3 read certificate verify A 2009.06.02 12:33:10 LOG7[5824:5516]: SSL state (accept): SSLv3 read finished A 2009.06.02 12:33:10 LOG7[5824:5516]: SSL state (accept): SSLv3 write change cipher spec A 2009.06.02 12:33:10 LOG7[5824:5516]: SSL state (accept): SSLv3 write finished A 2009.06.02 12:33:10 LOG7[5824:5516]: SSL state (accept): SSLv3 flush data 2009.06.02 12:33:10 LOG7[5824:5516]: 2 items in the session cache 2009.06.02 12:33:10 LOG7[5824:5516]: 0 client connects (SSL_connect()) 2009.06.02 12:33:10 LOG7[5824:5516]: 0 client connects that finished 2009.06.02 12:33:10 LOG7[5824:5516]: 0 client renegotiations requested 2009.06.02 12:33:10 LOG7[5824:5516]: 2 server connects (SSL_accept()) 2009.06.02 12:33:10 LOG7[5824:5516]: 2 server connects that finished 2009.06.02 12:33:10 LOG7[5824:5516]: 0 server renegotiations requested 2009.06.02 12:33:10 LOG7[5824:5516]: 0 session cache hits 2009.06.02 12:33:10 LOG7[5824:5516]: 0 session cache misses 2009.06.02 12:33:10 LOG7[5824:5516]: 0 session cache timeouts 2009.06.02 12:33:10 LOG6[5824:5516]: SSL accepted: new session negotiated 2009.06.02 12:33:10 LOG6[5824:5516]: Negotiated ciphers: DES-CBC3-SHA SSLv3 Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1 2009.06.02 12:33:10 LOG7[5824:5516]: FD 292 in non-blocking mode 2009.06.02 12:33:10 LOG7[5824:5516]: TS3_GPRS connecting 127.0.0.1:8139 2009.06.02 12:33:10 LOG7[5824:5516]: connect_wait: waiting 10 seconds 2009.06.02 12:33:10 LOG7[5824:5516]: connect_wait: connected 2009.06.02 12:33:10 LOG5[5824:5516]: TS3_GPRS connected remote server from 127.0.0.1:2273 2009.06.02 12:33:10 LOG7[5824:5516]: Remote FD=292 initialized 2009.06.02 12:33:31 LOG7[5824:5516]: Socket closed on read 2009.06.02 12:33:31 LOG7[5824:5516]: SSL write shutdown 2009.06.02 12:33:31 LOG7[5824:5516]: SSL alert (write): warning: close notify 2009.06.02 12:33:31 LOG6[5824:5516]: SSL socket closed on SSL_shutdown 2009.06.02 12:33:31 LOG7[5824:5516]: Socket write shutdown 2009.06.02 12:33:31 LOG5[5824:5516]: Connection closed: 65 bytes sent to SSL, 185 bytes sent to socket 2009.06.02 12:33:31 LOG7[5824:5516]: TS3_GPRS finished (0 left)
The main issue for me is the time between the two lines:
2009.06.02 12:32:59 LOG7[5824:5516]: SSL state (accept): SSLv3 flush data 2009.06.02 12:33:09 LOG5[5824:5516]: CRL: verification passed
The handshaking and certificate exchange appears to be pretty quick, but I need to understand why there is 10 second delay between these two lines. It seems horrendous amount of time for transferring data. It might be my lack of understanding on the SSL process, so any information on this would be greatly appreciated.
Thanks in advance,
Steven