On Fri, Dec 19, 2014 at 02:30:07AM +0530, Prabhat Puroshottam wrote: > *************************************** > This is for *Client -> Agent* > *************************************** [...] > ??????? Version 3.1 [...] > ??????? cipherSuite???????? TLS_RSA_WITH_AES_256_CBC_SHA [...] > *************************************** > This is for *Client -> Proxy Server* > *************************************** > ??????? cipherSuite???????? TLS_DHE_RSA_WITH_AES_256_CBC_SHA So the differnce here is that jave picks a DHE ciphersuite while otherwise you didn't. DHE gives you forward secrecy but is slower. You're also not using session resumption which might speed up the whole process. It at least looks like that proxy server might support that. You also seem to be using an old version of openssl that only supports TLSv1, I suggest you upgrade. Kurt
