Connection refused under load for SSL - possible bug?

Hi all,

We have experienced an issue on our web server over the last couple of days whereby under load, the server would start return "connection refused" for connection via SSL.

We increased the request queue limit across the board (i.e. aspnet.config, registry settings, queue length on application pool), but the issue remained.  We then thought it may be an issue with the hardware, so we switched to a secondary server, which, initially worked fine but after a few hours the problem returned.

We have approximately 2000-3000 open connections to the SSL port (mainly due to keep-alive).  Turning keep-alive off reduces some of the open connections.

After many hours of investigation, we decided to trace the MicrosoftWindowsHttpService events and found the following:

34 1:06:43 AM 4/5/2013 0.0854924 (4) MicrosoftWindowsHttpService MicrosoftWindowsHttpService:Initiating SSL handshake.
35 1:06:43 AM 4/5/2013 0.0854945 (4) MicrosoftWindowsHttpService MicrosoftWindowsHttpService:SSL connection will be disconnected as initiated by the server application. Status: 3221225488 (0xC0000010).

129 1:06:43 AM 4/5/2013 0.1592179 (4) MicrosoftWindowsHttpService MicrosoftWindowsHttpService:Initiating SSL handshake.
130 1:06:43 AM 4/5/2013 0.1592366 (4) MicrosoftWindowsHttpService MicrosoftWindowsHttpService:SSL connection will be disconnected as initiated by the server application. Status: 0 (0x0).

167 1:06:43 AM 4/5/2013 0.2009499 (4) MicrosoftWindowsHttpService MicrosoftWindowsHttpService:Initiating SSL handshake.
168 1:06:43 AM 4/5/2013 0.2009521 (4) MicrosoftWindowsHttpService MicrosoftWindowsHttpService:SSL connection will be disconnected as initiated by the server application. Status: 3221225488 (0xC0000010).

Many, many events like this intermittently throughout the trace.  We found this KB article:

http://support.microsoft.com/kb/2618425

but the problem remained after the patch was applied.  Either way, the log didn't reflect the scenario the KB describes.

We're pretty much at a loss to know what to do about the issue.  We can't find any more settings to change to increase the limits and the log for HTTP.SYS pretty much provides no information.

Is this a bug?  Does anyone have any ideas of what else we might try?