DetailPage-MSS-KB

Microsoft small business knowledge base

Article ID: 319613 - Last Review: September 27, 2005 - Revision: 1.1

Hotfix Download Available
View and request hotfix downloads
 
This article was previously published under Q319613

SYMPTOMS

A few minutes after you start your computer and log on, a full Secure Sockets Layer (SSL) handshake may be performed again when you refresh a secured page (a page that uses the HTTPS protocol) in Microsoft Internet Explorer 6 on Windows XP. You can see this behavior by viewing a network trace.

CAUSE

This problem occurs because the SSL session cache is unexpectedly purged. The SSL session cache is maintained by Schannel.dll, which is hosted by the Lsass process.

RESOLUTION

To resolve this problem, obtain the latest service pack for Windows XP. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
322389  (http://support.microsoft.com/kb/322389/EN-US/ ) How to Obtain the Latest Windows XP Service Pack
The English version of this fix should have the following file attributes or later:
   Date         Time   Version      Size     File name
   ------------------------------------------------------
   04-Apr-2002  12:10  5.1.2600.41  136,704  Schannel.dll
				

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article. This problem was first corrected in Windows XP Service Pack 1.

MORE INFORMATION

When you use SSL3 or Transport Layer Security (TLS), a full handshake should occur only when:
  • You make the initial SSL connection to the Web server.
  • The SSL session times out. You can control this by using the ClientCacheTime registry value.For additional information about this registry value, click the article number below to view the article in the Microsoft Knowledge Base:
    247658  (http://support.microsoft.com/kb/247658/EN-US/ ) How to Configure Secure Sockets Layer Server and Client Cache Elements
The problem occurs only one time after you start the computer. Note that only SSL3 and TLS support a session ID that permits the SSL session to resume without performing a full handshake. The session ID is part of the CLIENT-HELLO message.

APPLIES TO
  • Microsoft Windows XP Professional
  • Microsoft Windows XP Home Edition
Keywords: 
kbbug kbfix kbqfe kbsecurity kbwinxpsp1fix kbhotfixserver KB319613
Share
Additional support options
Ask The Microsoft Small Business Support Community
Contact Microsoft Small Business Support
Find Microsoft Small Business Support Certified Partner
Find a Microsoft Store For In-Person Small Business Support