nokeepalive ssl-unclean-shutdown

Turbocapitalist · 01-20-2016, 12:44 PM

Some digital archeology. Maybe this should be in Networking. I've been searching for an explanation of the reasons behind following configuration for Apache:

Code:

SetEnvIf BrowserMatch ".*MSIE [2-5]\..*" nokeepalive ssl-unclean-shutdown

SetEnvIf BrowserMatch ".*MSIE ([6-9]|[0-9]{2}).*" ssl-unclean-shutdown

I realize these kludges are only for old products but I'm looking for the problems behind the need for them.

Which standard is defectively supported (ssl, http, or tcp) and specifically how is (was) it defective?

bathory · 01-24-2016, 03:58 AM

Hi,

Have a look here

Regards

Turbocapitalist · 01-24-2016, 06:10 AM

Thanks, bathory, I've seen that one before but this time, checking again, I followed the link to this one:

http://www.modssl.org/docs/2.8/ssl_faq.html#ToC49

So, historically speaking, is what used to happen that a defect in how SSL was implemented led to these three problems?

1) that the SSL connection would not close and would end up leaving a TCP connection hanging open ?
2) that these defective connections would make Apache appear slow to the user?
3) that when enough such clients connect to Apache, not a big number, new connections are not possible?