httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Montague <m...@catseye.org>
Subject Re: [users@httpd] Apache is too slow with SSL
Date Wed, 30 Mar 2011 11:24:31 GMT

> As subject specifies, I have problem with running Apache on SSL only.
> I tried to use 'ab' and tested port 80&  443 both. port 80 is too fast
> than running the server with port 443.


SSL needs a source of random data.  What source have you told Apache to 
use?  Note that it is possilble that some sources will block until 
random data becomes available -- if that is happening, then it might 
account for the slowdown you are seeing.

The source of random data is controlled by the SSLRandomSeed directive. 
  See:

http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslrandomseed

I run Apache under Linux, which has a good, non-blocking /dev/urandom 
implementation.  Thus, I use the following directives in my Apache 
global server configuration:

SSLRandomSeed startup file:/dev/urandom 512
SSLRandomSeed connect file:/dev/urandom 512

However, this may or may not be appropriate for your situation -- your 
hardware and usage patterns are very different from mine.

Also, this may not be the source of your problem.  But it is the only 
idea that came to mind.  Hopefully other people on the list will have 
better suggestions.

--
   Mark Montague
   mark@catseye.org


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message