Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

You experience connection problems when you use Internet Explorer to browse through pages on a secure Web site


View products that this article applies to.

Symptoms

When you use Internet Explorer to browse through several secure Web pages on a Web site that use the HTTPS protocol, you may experience the following symptoms:
  • The Secure Sockets Layer (SSL) session is disconnected, and you are prompted to retype your credentials for the Web site.
  • You lose your SSL session ID because SSL renegotiation occurs.

↑ Back to the top


Cause

This problem occurs when one of the following conditions is true:
  • You move from one secure Web page to another secure Web page before the first Web page has finished loading in Microsoft Internet Explorer 6 or in Windows Internet Explorer 7.
  • An Internet Information Services (IIS) Web server is using SSL session IDs for load balancing of IIS Web server connection requests.
When you open a new Web page, Internet Explorer stops downloading page elements for the previous page. Internet Explorer sends a TCP RESET message, and it closes all the active TCP connections for the previous page. After Internet Explorer closes all the active TCP connections, it opens new TCP connections to the new page. This problem occurs when you click a hyperlink while objects are still being downloaded.

If a new HTTPS connection is initiated while a HTTPS Web page is in the SSL handshake phase of the TCP connection negotiation, the TCP RESET message causes an abnormal end to the SSL handshake. This behavior causes the SSL cache for the SSL session ID to be purged. A new connection is then established that causes a full SSL handshake and that uses a new SSL session ID. This is the default behavior for Internet Explorer.

↑ Back to the top


Workaround

Internet Explorer

To work around this problem in Internet Explorer, increase the MaxConnectionsPerServer value to handle more than two concurrent HTTP or HTTPS connections. The default value is to use two connections. For more information about how to increase the number of connections, click the following article number to view the article in the Microsoft Knowledge Base:
282402� How to configure Internet Explorer to have more than two download sessions

Internet Information Services

The following workarounds are for secure Web pages and for secure Web sites that are served from an IIS Web server. You can perform similar workarounds on non-IIS Web servers.
  • Reduce the effect of this problem by preventing users from moving to another Web page while the current Web page is still loading. For example, you can use a DIV tag to show the new page in the onload event.
  • Reduce the occurrence of this problem by increasing the content expiration period on the IIS Web server so that the Web page will remain cached for several days.
  • Use TCP/IP load balancing instead of SSL session ID load balancing. Visit the following Microsoft Web site for more information about TCP/IP load balancing:

↑ Back to the top


Keywords: KB937480, kbprb, kbhowto, kberrmsg, kbexpertiseinter, kbcache, kbbrowsing, kbconnectionfailures, kbssl

↑ Back to the top

Article Info
Article ID : 937480
Revision : 2
Created on : 9/28/2011
Published on : 9/28/2011
Exists online : False
Views : 475