[openssl-users] long (~2.5 minute) delay in TLS handshake

Michael Wojcik Michael.Wojcik at microfocus.com
Tue Dec 1 21:57:58 UTC 2015

> From: openssl-users [mailto:openssl-users-bounces at openssl.org] On Behalf
> Of Kurt Roeckx
> Sent: Monday, November 30, 2015 18:38
> To: openssl-users at openssl.org
> Subject: Re: [openssl-users] long (~2.5 minute) delay in TLS handshake
> On Mon, Nov 30, 2015 at 10:46:45PM +0000, Michael Wojcik wrote:
> > I'm curious if anyone has seen anything like this before.
> >
> > We have a situation at one customer site. They see it happen every few
> days. No one else has reported it, and we can't reproduce it.
> Have you considered that this might be a path MTU discovery issue
> and that the TCP layer is just resending the (too large) packet
> without it reaching the other side?

Interesting suggestion, but the trace was taken on the server, and it's definitely not resending. Just sitting there, as far as this one conversation is concerned. Existing conversations from other clients continue with no problems. It acks the ClientHello, then 2.5 minutes later sends the ServerHello, which the client responds to with an RST (because it's long since gone away).

This same client connects successfully about 5 minutes later, with no unusual delays.

Pretty odd.

Michael Wojcik
Technology Specialist, Micro Focus

More information about the openssl-users mailing list