• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

SSL sites with Forefront TMG on Google Chrome BROKEN

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [Threat Management Gateway (TMG) 2010] >> General >> SSL sites with Forefront TMG on Google Chrome BROKEN Page: [1]
Login
Message << Older Topic   Newer Topic >>
SSL sites with Forefront TMG on Google Chrome BROKEN - 6.Jan.2011 10:13:40 PM   
carltoncl

 

Posts: 19
Joined: 8.Sep.2006
Status: offline
Recently upgraded from ISA Server 2006 to Forefront TMG. We have several published sites with SSL certs. I noticed that our SSL site suddenly was acting funny in Chrome, requiring multiple button presses to access it.

So, I am not crazy, this is a new feature of Google Chrome called "SSL False Start" and it is designed to reduce the overall time to set up an SSL connection between client and server/website. Forefront TMG does not support "SSL False Start" but this feature works just fine on ISA Server 2006.

This link has more info on the Chrome feature. Others have reported it too. And looks like some FFTMG users are seeing it too now link

Microsoft and Chrome need to get their act together, this is a really serious incompatibility.

< Message edited by carltoncl -- 6.Jan.2011 10:18:50 PM >
Post #: 1
RE: SSL sites with Forefront TMG on Google Chrome BROKEN - 7.Jan.2011 6:22:10 AM   
Jason Jones

 

Posts: 4663
Joined: 30.Jul.2002
From: United Kingdom
Status: offline
Are you using the HTTPS inspection features of TMG?

Cheers

JJ

_____________________________

Jason Jones | Forefront MVP | Silversands Ltd
My Blogs: http://blog.msedge.org.uk/ and http://blog.msfirewall.org.uk/

(in reply to carltoncl)
Post #: 2
RE: SSL sites with Forefront TMG on Google Chrome BROKEN - 8.Jan.2011 3:49:25 PM   
ferrix

 

Posts: 547
Joined: 16.Mar.2005
Status: offline
This is interesting.  I'm going to have a look at the False Start spec and see if I can figure out what it would take to fix this in TMG.  Because I bet it won't be a super high priority for microsoft to fix their product for the google browser :)

Updated to add: ClearTunnel actually had a similar bug.  I just fixed it and pushed out 1.2.33

I believe I probably know what's wrong with the TMG engine too.  Unfortunately I do not work at Microsoft so I can't fix it there as easily ;)

< Message edited by ferrix -- 8.Jan.2011 8:52:10 PM >

(in reply to Jason Jones)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [Threat Management Gateway (TMG) 2010] >> General >> SSL sites with Forefront TMG on Google Chrome BROKEN Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts