miyuki5237
asked on
SSL closes because of 'bad record MAC'
Hi all
I have the following problem
I Have 3 servers SERVER-A, SERVER-B and SERVER-C
SERVER-A is a reverse proxy allows only HTTPS
SERVER-B is a Web Server allows only HTTPS
SERVER-C is a kind of Server using it's own protocol
The client makes a CONNECT SERVER-B:443 HTTP/1.1 to SERVER-A
Then the client makes a CONNECT SERVER-C:1111 HTTP/1.1 to SERVER-B
Now the client has a secure tunnel from client to SERVER-B the connection from SERVER-B to SERVER-C is unsecure
If I have big load on the connection from the client to SERVER-C, then suddenly the SERVER-B get a 'bad record MAC' and the connection will be closed.
I'm thinking the client is sending a renegotiation message to the SERVER-B and this renegotiation is sent by the SSL from the first HTTPS connection
to SERVER-A. Is there a way to stop/shutdown or whatever the SSL connection without closing the underlying socket?
thanks a lot for your help
I have the following problem
I Have 3 servers SERVER-A, SERVER-B and SERVER-C
SERVER-A is a reverse proxy allows only HTTPS
SERVER-B is a Web Server allows only HTTPS
SERVER-C is a kind of Server using it's own protocol
The client makes a CONNECT SERVER-B:443 HTTP/1.1 to SERVER-A
Then the client makes a CONNECT SERVER-C:1111 HTTP/1.1 to SERVER-B
Now the client has a secure tunnel from client to SERVER-B the connection from SERVER-B to SERVER-C is unsecure
If I have big load on the connection from the client to SERVER-C, then suddenly the SERVER-B get a 'bad record MAC' and the connection will be closed.
I'm thinking the client is sending a renegotiation message to the SERVER-B and this renegotiation is sent by the SSL from the first HTTPS connection
to SERVER-A. Is there a way to stop/shutdown or whatever the SSL connection without closing the underlying socket?
thanks a lot for your help
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Computer101
EE Admin