I'm working on an app which makes multiple SSL requests to a web service. The service has the certificate, there are no client certificates in use. If I look at the messages in Fiddler, it looks like there is an HTTP CONNECT for every request, which gets
the servers public key and then makes the actual SSL request.
Do I need to do something in the client proxy code to cache the servers certificate to avoid the HTTP CONNECT call every time?
Just found out this was not a Fiddler issue. The cert on the server was configured incorrectly. We run the same code against a new server with a properly configured cert and Fiddler just shows the initial CONNECTs and just HTTPS for every call afterwards.
UPDATE now it seems to be a badly configured firewall. Using WireShark (as recommended above) or Microsoft Network Monitor, I can see this server is responding with a ton of TCP RST commands. So I'm guessing those RST commands are changing ports are killing
the connection and thats why the client has to keep asking for the cert again.
Tuesday, November 09, 2010 8:43 PM
Microsoft is conducting an online survey to understand your opinion of the Msdn Web site. If you choose to participate, the online survey will be presented to you when you leave the Msdn Web site.