Re: slow iis 6.0 performance
From: Param R. (pr_at_nospam.com)
Date: 11/24/04
- Next message: Param R.: "Re: disablesocketpooling"
- Previous message: Param R.: "Re: .net 1.1 form submission"
- In reply to: Egbert Nierop \(MVP for IIS\): "Re: slow iis 6.0 performance"
- Next in thread: Param R.: "Re: slow iis 6.0 performance"
- Reply: Param R.: "Re: slow iis 6.0 performance"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 24 Nov 2004 11:36:58 -0600
OK, here is a wild guess. I looked at the client certificate installed on my
machine that was issued by the CA. Here is the Authority Information Access
section:
[1]Authority Info Access
Access Method=Certification Authority Issuer (1.3.6.1.5.5.7.48.2)
Alternative Name:
URL=ldap:///CN=Lazard%20Group%20Inc,CN=AIA,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=LAZARDGROUP,DC=local?cACertificate?base?objectClass=certificationAuthority
[2]Authority Info Access
Access Method=Certification Authority Issuer (1.3.6.1.5.5.7.48.2)
Alternative Name:
URL=http://brserver-i.mydomain.local/CertEnroll/brserver-i.LAZARDGROUP.local_Lazard%20Group%20Inc.crt
Could it be that when this client certificate is being presented to the IIS
web server it is trying to contact the CA via LDAP? Both the paths above are
unreachable from the IIS web server. Now, I checked 1 level up i.e. the root
CA Cert and the path for the CRL is:-
[1]CRL Distribution Point
Distribution Point Name:
Full Name:
URL=http://certs.mydomain.com/certenroll/Lazard%20Group%20Inc.crl
URL=http://brserver-i.mydomain.local/certenroll/Lazard%20Group%20Inc.crl
The first URL is reachable from the IIS web server. I have copy pasted it
into IE on the IIS server and it comes up fine.
What could be going on? I am having the exact same error on a local test IIS
server in the same domain as the CA also.
thanks!
"Egbert Nierop (MVP for IIS)" <egbert_nierop@nospam.invalid> wrote in
message news:ug1HPgk0EHA.2600@TK2MSFTNGP09.phx.gbl...
> Last guess.
> It is trying to use LDAP which is not online or has no SSL?
>
> Event Source: Schannel
> Event ID: 36876
> Description: The certificate received from the remote server has not
> validated correctly. The error code is 0x80090322. The SSL connection
> request has failed. The attached data contains the server certificate.
> Event Source: Schannel
> -or-
>
>
>
> Event ID: 36876
> Description: The certificate received from the remote server has not
> validated correctly. The error code is 0x80090325. The SSL connection
> request has failed. The attached data contains the server certificate.
>
>
> "Param R." <pr@nospam.com> wrote in message
> news:eiM2Oxj0EHA.3500@TK2MSFTNGP09.phx.gbl...
>>I dont use remote shares. Files reside on the local HDD.
>>
>> thanks!
>>
>> "Egbert Nierop (MVP for IIS)" <egbert_nierop@nospam.invalid> wrote in
>> message news:Ormm%23sj0EHA.3808@tk2msftngp13.phx.gbl...
>>> Do you use remote shares for your website content? If yes, the security
>>> has changed.
>>> http://support.microsoft.com/?id=813615
>>>
>>> --
>>> compatible web farm Session replacement for Asp and Asp.Net
>>> http://www.nieropwebconsult.nl/asp_session_manager.htm
>>>
>>> "Param R." <pr@nospam.com> wrote in message
>>> news:ep0CMRj0EHA.3832@TK2MSFTNGP10.phx.gbl...
>>>> No virus software and here is an error I am getting in the Event Log. I
>>>> dont know if they have anything to do with it or not.
>>>>
>>>> Security Event 537:
>>>>
>>>> Logon Failure:
>>>>
>>>> Reason: An error occurred during logon
>>>>
>>>> User Name:
>>>>
>>>> Domain:
>>>>
>>>> Logon Type: 3
>>>>
>>>> Logon Process: Schannel
>>>>
>>>> Authentication Package: Microsoft Unified Security Protocol Provider
>>>>
>>>> Workstation Name: -
>>>>
>>>> Status code: 0xC000006D
>>>>
>>>> Substatus code: 0x80090325
>>>>
>>>> Caller User Name: -
>>>>
>>>> Caller Domain: -
>>>>
>>>> Caller Logon ID: -
>>>>
>>>> Caller Process ID: -
>>>>
>>>> Transited Services: -
>>>>
>>>> Source Network Address: -
>>>>
>>>> Source Port: -
>>>>
>>>>
>>>>
>>>> For more information, see Help and Support Center at
>>>> http://go.microsoft.com/fwlink/events.asp.
>>>>
>>>>
>>>> thanks!
>>>>
>>>> "Egbert Nierop (MVP for IIS)" <egbert_nierop@nospam.invalid> wrote in
>>>> message news:OMTvW%23e0EHA.3584@TK2MSFTNGP11.phx.gbl...
>>>>> Does your event log report things? Did you install a virustool which
>>>>> obviously slows things down?
>>>>>
>>>>> "Param R." <pr@nospam.com> wrote in message
>>>>> news:eDitFxb0EHA.2016@TK2MSFTNGP15.phx.gbl...
>>>>>> ASP.NET. SQL Database. Same application ran 3x faster on IIS 5.0. So
>>>>>> database/code, everything is the same. Even when I plug a client
>>>>>> locally into the same switch it is slow.
>>>>>>
>>>>>> thanks!
>>>>>>
>>>>>> "Egbert Nierop (MVP for IIS)" <egbert_nierop@nospam.invalid> wrote in
>>>>>> message news:epoN0Bb0EHA.2012@TK2MSFTNGP15.phx.gbl...
>>>>>>> Not really easy to guess.
>>>>>>> Do you use ISAPI stuff or do you use a database that you per
>>>>>>> accident forgot to give indexes?
>>>>>>> What technology do you use?
>>>>>>>
>>>>>>> --
>>>>>>> compatible web farm Session replacement for Asp and Asp.Net
>>>>>>> http://www.nieropwebconsult.nl/asp_session_manager.htm
>>>>>>>
>>>>>>> "Param R." <pr@nospam.com> wrote in message
>>>>>>> news:%23Af2Xxa0EHA.3236@TK2MSFTNGP15.phx.gbl...
>>>>>>>> Hi all, we recently upgraded our server to 2003 and everything is
>>>>>>>> just slowww now. Same application running on same .net version on
>>>>>>>> iis 5 was way faster. Any ideas? I read something about buffering
>>>>>>>> in iis 6.0? I have buffering turned on under the IIS properties for
>>>>>>>> the website. Does that help? What could be causing it to be slow?
>>>>>>>>
>>>>>>>> thanks!
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>
>>>>
>>>
>>
>>
>
- Next message: Param R.: "Re: disablesocketpooling"
- Previous message: Param R.: "Re: .net 1.1 form submission"
- In reply to: Egbert Nierop \(MVP for IIS\): "Re: slow iis 6.0 performance"
- Next in thread: Param R.: "Re: slow iis 6.0 performance"
- Reply: Param R.: "Re: slow iis 6.0 performance"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
