httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Matt Holdsworth <>
Subject [users@httpd] How to benchmark ChaCha20-Poly1305 capable websites using Apache Benchmark (ab) tool?
Date Tue, 25 Jul 2017 11:52:52 GMT
I'm trying to use 'ab' to do some performance benchmarks of my website after having made some
performance tweaks.

Specifically, I'd like to test the difference in performance between the following cipher
suites - all supported by my website:


The three commands that I've tried are:

ab -l -n 1000 -c 10 -H "Accept-Encoding: gzip, deflate, br" -Z ECDHE-RSA-AES128-GCM-SHA256
ab -l -n 1000 -c 10 -H "Accept-Encoding: gzip, deflate, br" -Z ECDHE-ECDSA-AES128-GCM-SHA256
ab -l -n 1000 -c 10 -H "Accept-Encoding: gzip, deflate, br" -Z ECDHE-ECDSA-CHACHA20-POLY1305

The first two work fine, but the third generates the following error:

error setting cipher list [ECDHE-ECDSA-CHACHA20-POLY1305]
1995798240:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match:ssl_lib.c:1385:
I think my versions of ab and openssl are both up-to-date enough to support the test:

pi@pi3:~ $ which ab && ab -V
This is ApacheBench, Version 2.3 <$Revision: 1757674 $>
Copyright 1996 Adam Twiss, Zeus Technology Ltd,
Licensed to The Apache Software Foundation,

pi@pi3:~ $ which openssl && openssl version
OpenSSL 1.1.0f  25 May 2017

The docs for Apache Benchmark don't give much detail on how to check/modify the available
cipher suites that can be specified:

-Z ciphersuite
Specify SSL/TLS cipher suite (See openssl ciphers)

I think the above implies that I should be able to use any of the cipher suites listed by
the openssl ciphers command?

All three of my target cipher suites are indeed listed, so I'm confused why my ab test is
failing for the ECDHE-ECDSA-CHACHA20-POLY1305 suite.

Any tips would be much appreciated!

Btw, I asked the same question on, here:


Boots UK Limited, Registered 928555, Nottingham NG2 3AA This e-mail (including any attachments)
is confidential. It may be read, copied and used only by the intended recipient. If you are
not the intended recipient you should not copy it or use it for any purpose or disclose its
contents to any other person. If you have received this message in error, please notify us
and remove it from your system. We cannot accept liability for any damage you incur as a result
of virus infection.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message