Re: SSL is slow when I created my own Certificate

That is to be expected - there is no SSL handshake and checking validity of certificate, looking for CRL. Even after the initial handshake, encrypted traffic will seem slower than unencrypted communication.


--
Bharat Suneja
MVP - Exchange
www.zenprise.com
NEW blog location:
exchangepedia.com/blog
----------------------------


"Ivan Reyes" <IvanReyes@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:68169BF2-E185-486F-935D-3A99177C3D74@xxxxxxxxxxxxxxxx
But if I use change to http the connection is very fast.....

"Bharat Suneja [MVP]" wrote:

Yes, it works.
However, your own certificate is likely not trusted by Windows OS (on the
client side). The extra time it takes when accessing from outside is
probably because of a slow WAN link, and perhaps an inaccessible CRL
(Certificate Revocation List).

You can easily make domain computers trust your internal CA (if it's not
already trusted... ). However, when accessing from other computers, you will
still get a prompt when an untrusted certificate is encountered by the
browser.

Even without certificates, one would expect external access to be a little
slower.
--
Bharat Suneja
MVP - Exchange
www.zenprise.com
NEW blog location:
exchangepedia.com/blog
----------------------------


"Ivan Reyes" <IvanReyes@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:ADB42E97-9A61-461A-9006-193BFA114063@xxxxxxxxxxxxxxxx
>I create my own Certificate to install SSL
> for OWA for both Exchange 2003 in Windows 2003 R2 sp2 and
> Exchange 2003 in Windows Server 2003 standard edition.
> When I used my own Certificate to create SSL, accessing to
> OWA from outside of my LAN is very very slow. It takes
> approximately 1 minute for SSL authentication screen to
> pop up and then the logon screen for OWA. When I logged
> on to OWA within my LAN, SSL and logon screen loaded
> instantly. Is there a problem with MS
> certificate? Have anyone create their own certificate and
> it works?
>
>
>



.

Relevant Pages