httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Igor Cicimov <icici...@gmail.com>
Subject Re: [users@httpd] Apache + HTTP/2 + SPDY
Date Tue, 26 May 2015 22:42:26 GMT
On 27/05/2015 6:00 AM, "Guitar Man" <molrecords@gmail.com> wrote:
>
> Hello Eric, how are you?
>
> Well, I am working with a COMODO certificate and making tests using the
WebPageTest.org. There, my website SSL Negotiation is more than 300ms,
however, another sites is working with 30-50ms. I think this difference
between values is makeing the Robots index my project slowly (Could be?)
>
> I really do not know how to improve the SSL Negotiation. I am using
Apache 2.4 + Cpanel + 8GB RAM + OpCache, and this negotiation still high.
>
> Do you have some suggestion to me in this searching for a solution?
>

Make sure you use tls1.2 with ECDHE as your primary cipher as it is faster.
Also using ocsp stapling in apache will speedup the establishing of the ssl
connections. New systems might lack entropy at the beginning but yours is
running for a year you said? Also depends on which device is being used
/dev/random vs /dev/urandom but that should be correctly set by apache.
Anyway, paste you relevant part of the ssl settings here including the
mutex, cache etc. and someone might come up with a suggestion that can help.

> My main website is: https://www.musiconline.com.br (I am turning the
OpCache ON soon).
>

OpCache will speedup serving the php pages not the ssl.

> Thanks a lot again. :) Good year!
>
> 2015-05-26 16:53 GMT-03:00 Eric Covener <covener@gmail.com>:
>
>>
>>
>> On Mon, May 25, 2015 at 4:36 PM Guitar Man <molrecords@gmail.com> wrote:
>>>
>>> Hello Developers!
>>>
>>> Someone knows if Apache Foundation is working to include the SPDY in
the new Apache version for HTTP/2?
>>
>>
>> There isn't any work on SPDY or mod_spdy.  There is some third-party
development of a HTTP/2 module:
>>
>> https://github.com/icing/mod_h2
>>
>>>
>>> The Apache WebServer is the most used application and everyone needs a
solution about this issue.
>>>
>>>
>>> I am paying CPANEL with Apache, and all my website that are using
SSL/HTTPS, the SSL Negotiation is very slow.
>>
>>
>> You're hoping to solve this by opening fewer connections, but wouldn't
your n-1 subsequent connections use an abbreviated handshake anyway? Is it
really that slow? Maybe you're missing an SSL session cache or have some
other extenuating factor?
>
>
>
>
> --
>
> Att,
> Andre Luis de Andrade
> Music Online Records @ since 1998
> E-mail: andre@ate.com.br
> Project: http://www.molrecords.com
> World: http://www.molbr.com
> Brazil: http://www.musiconline.com.br
> Company: http://www.ate.com.br
> Curitiba, ParanĂ¡, Brazil
> * Help to heal the world before its too late!

Mime
View raw message