Hi all,
We are using IAIK JCE/SSL and have the
following issue: when 2 Java
threads
(using IAIK JCE/SSL) try to reuse the
same existing SSL session ID to
connect
the same SSL server (which is also based on IAIK
JCE/SSL) in parallel, it takes
almost the same time as if these 2 are
new connections.
The debug printout is as follows:
ssl_debug(42): Starting
handshake (iSaSiLk 3.03)...
ssl_debug(42): Sending v3
client_hello message, requesting version 3.0...
ssl_debug(42): Trying to resume session
19:EA:48:EC:B8:D8:D7:46...
ssl_debug(43): Starting
handshake (iSaSiLk 3.03)...
ssl_debug(43): Sending v3
client_hello message, requesting version 3.0...
ssl_debug(43): Trying to resume session
19:EA:48:EC:B8:D8:D7:46...
After this, it takes 1 and half minutes
(almost the same time to establish a new connection)
for the program to print out the following
information
ssl_debug(42): Received v3
server_hello handshake message.
ssl_debug(42): Server
selected SSL version 3.0.
ssl_debug(42): Server also
wants to resume a previous session.
ssl_debug(42):
Continuing with CipherSuite:
SSL_RSA_WITH_3DES_EDE_CBC_SHA
ssl_debug(42): Continuing
with CompressionMethod: NULL
ssl_debug(42): Received
change_cipher_spec message.
ssl_debug(42): Received
finished message.
ssl_debug(43): Received v3
server_hello handshake message.
ssl_debug(43): Server
selected SSL version 3.0.
ssl_debug(43): Server also
wants to resume a previous session.
ssl_debug(43):
Continuing with CipherSuite:
SSL_RSA_WITH_3DES_EDE_CBC_SHA
ssl_debug(43): Continuing
with CompressionMethod: NULL
ssl_debug(43): Received
change_cipher_spec message.
ssl_debug(43): Received
finished message.
[cut]
We also observed that if we run the 2 handshakes
sequentially, it is even faster.
Has anybody encountered this problem before? Any
suggestions?
Thanks,
Steve