- Community Home
- >
- Servers and Operating Systems
- >
- HPE ProLiant
- >
- Server Management - Remote Server Management
- >
- Re: SSL Certificate for iLO connection time is so ...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-09-2013 08:45 AM - edited 10-09-2013 08:48 AM
10-09-2013 08:45 AM - edited 10-09-2013 08:48 AM
Re: SSL Certificate for iLO connection time is so long
I don't see anything wrong in the network trace. However, I did notice few things that could explain what is happening here.
iLO2 has a limit of 7 simultaneous SSL sessions. Some browsers like to open multiple simultaneous SSL sessions to the target. Apparently, browsers do this in order to download webpages faster.
Also, iLO2 webserver has a 2 minutes timeout for each HTTP/HTTPS session. If no web traffic is seen on one session after 120 seconds, iLO2 will close the socket and free up that SSL session.
If you have something else in that network that is constantly opening SSL connections to your iLOs, your iLOs might not have enough SSL sessions left for you when you use your browser.
Check how many concurrent connections is your IE currently using and try tweaking its values.
http://www.mr2t.com/tweaks-ie-connections
By the way, Chrome is not supported in iLO2.
__________________________________________________
If you feel this was helpful please click the KUDOS! thumb below!
- Tags:
- chrome
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-09-2013 07:36 PM - edited 10-09-2013 08:52 PM
10-09-2013 07:36 PM - edited 10-09-2013 08:52 PM
Re: SSL Certificate for iLO connection time is so long
Thanks for the answer.
But with selfsigned cert I have no problem - loading is fast. With cert from Internal CA having speed issue after logon...
Checking registry parameters - having default value. have no problem on the other ssl web-pages.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-10-2013 07:51 AM
10-10-2013 07:51 AM
Re: SSL Certificate for iLO connection time is so long
Doubling the RSA key length means that encryption will be 6-7 times slower. If the imported SSL cert signed by your CA is 2048 bit then, iLO2 is going to take 6-7 times longer to do initial SSL handshakes every time your browser establishes a new SSL session. Since some browsers out there can open up to 6 simultaneous SSL sessions, your iLO2 is going to get really slow, spending most of its time doing nothing but public key encryption computations.
Other SSL webservers have more powerful processors that can handle multiple SSL connections without breaking a sweat. iLO2 is a 8 years product designed at a time when 1024bit RSA was good enough. It has clearly outlived its usefulness.
__________________________________________________
If you feel this was helpful please click the KUDOS! thumb below!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-10-2013 07:07 PM
10-10-2013 07:07 PM
Re: SSL Certificate for iLO connection time is so long
I have installed 1024 cert from my CA not a 2048.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-11-2013 06:53 AM
10-11-2013 06:53 AM
Re: SSL Certificate for iLO connection time is so long
Then, forget what I said.
If you remove that cert (by changing iLO hostname), does iLO become faster?
__________________________________________________
If you feel this was helpful please click the KUDOS! thumb below!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-21-2013 02:02 PM
10-21-2013 02:02 PM
Re: SSL Certificate for iLO connection time is so long
Interesting.
I'm able to reproduce this issue now that I have imported a SSL Cert signed by my company CA. I'm debugging it right now.
__________________________________________________
If you feel this was helpful please click the KUDOS! thumb below!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-22-2013 02:08 PM
10-22-2013 02:08 PM
Re: SSL Certificate for iLO connection time is so long
Ok, I found the bug. We are going to fix it in the next iLO2 release.
__________________________________________________
If you feel this was helpful please click the KUDOS! thumb below!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-28-2013 10:39 AM
10-28-2013 10:39 AM
Re: SSL Certificate for iLO connection time is so long
Could you please test an iLO2 v2.23 that I've uploaded to my temp FTP site?
ftp://ilo4me:G!v3t2me@ftp.usa.hp.com/iLO2
__________________________________________________
If you feel this was helpful please click the KUDOS! thumb below!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-18-2013 07:06 AM
11-18-2013 07:06 AM
Re: SSL Certificate for iLO connection time is so long
We fixed your problem in a new iLO2 v2.23 release. It is on the web.
Thanks
Oscar
__________________________________________________
If you feel this was helpful please click the KUDOS! thumb below!
- « Previous
-
- 1
- 2
- Next »