• 12

A PHP Error was encountered

Severity: Notice

Message: Undefined index: userid

Filename: views/question.php

Line Number: 191


File: /home/prodcxja/public_html/questions/application/views/question.php
Line: 191
Function: _error_handler

File: /home/prodcxja/public_html/questions/application/controllers/Questions.php
Line: 433
Function: view

File: /home/prodcxja/public_html/questions/index.php
Line: 315
Function: require_once

name Punditsdkoslkdosdkoskdo

haproxy tcp retransmission during tls handshake

I'm setting up a TLS 1.2 endpoint with client authentication using HAProxy 1.8.17 (with openssl 1.1.1) from Debian testing.

With wireshark I observe a retransmission of the TCP packet that contains these TLS messages: "Certificate", "Server Key Exchange", "Certificate Request", "Server Hello Done". The retransmission occurs after round about 15 milliseconds. One millisecond later the ACK of the client arrives. This occurs during every TLS handshake with low deviation in the timings.

It is reasonable that the answer of the client takes times because it's a slow embedded device. Using a software client the answer is received in less than one millisecond and no retransmission occurs.

So my question is: is there a setting either in haproxy, openssl or Debian that I can use to prevent the server from sending these retransmissions?

Trending Tags