RE: Slow SSL link

From: Mike Lagase [MS] (mikelag@online.microsoft.com)
Date: 11/12/02

Next message: Amy Banford: "Re: Microsoft Security Bulletin MS02-062"
Previous message: ZM: "RE: Interdev not creating project (authenticate failure)"
In reply to: David========: "Slow SSL link"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: mikelag@online.microsoft.com (Mike Lagase [MS])
Date: Tue, 12 Nov 2002 14:51:43 GMT

This SSL slowness is usually due to the AIA and CRL location in the
certificate properties not being online. By default there is a LDAP
location for Microsoft generated certificates which is not available
externally of course.

What you would need to do is to change this AIA and CRL location in
Certificate Server and then reissue your web certificate. This should allow
https to work just as quickly as http.

Hope this helps.

Mike Lagase
Microsoft Internet Server Support

Next message: Amy Banford: "Re: Microsoft Security Bulletin MS02-062"
Previous message: ZM: "RE: Interdev not creating project (authenticate failure)"
In reply to: David========: "Slow SSL link"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: OpenSSL question
... I am trying to encode the CRL location into the certificates so that ... that you could generate it as part of either the root CA certificate, ... Signed device certificate or the signed crl. ... Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org ...
(Security-Basics)
OpenSSL question
... Now the trial period is over there has been one thing i keep stubbing my toe on and i was hoping someone would be able to help/point me in the right direction. ... I am trying to encode the CRL location into the certificates so that they can be automatically updated to revoked certificates. ... I know that alot of devices allow you to specify the address manually but was hoping that you could generate it as part of either the root CA certificate, Signed device certificate or the signed crl. ...
(Security-Basics)
IE https certificate attack
... A flaw in Microsoft Internet Explorer allows an attacker to perform ... server name with the name stored in the certificate. ... There is a flaw in the way IE checks HTTPS objects that are embedded into ... I don't know the source code of the Internet Explorer I cannot check the ...
(Bugtraq)
Re: IE https certificate attack
... How non-interactive ssl clients in EAI and web services software handle ... Subject: IE https certificate attack ...
(Vuln-Dev)
[NT] Internet Explore HTTPS Certificate Attack
... A flaw in Microsoft Internet Explorer allows an attacker to perform a SSL ... There is a flaw in the way Internet Explorer checks HTTPS objects that are ... Explorer does only check if the certificate of the HTTPS server is ... Internet Explorer will only check if the cert was signed by a trusted CA ...
(Securiteam)