Hi Tomasz, On Fri, May 20, 2022 at 05:17:19PM +0200, Tomasz Ludwiczak wrote: > Hi, > > I am seeing an increase in SSL Key Generation after upgrading from 2.4.15 > to 2.4.17. I have not changed the openssl version. Does anyone have an idea > what this could be related to? > I have looked at the changes from 2.4.16 and 2.4.17 and nothing obvious > pointing to changes around TLS reuse.
Interesting, I've reviewed the fixes merged between the two and cannot find anything relevant. Do you have copies of the "show info" output before the upgrade to compare before and after ? There are SSL lookups and misses there. These could give some hints about what is happening. Have you tried reverting to 2.4.15 to see if the problem disappears ? We could for example imagine that it's concommittant with another change that happened during the same upgrade (e.g. openssl lib upgrade), even if I would find it unlikely as well. Are you certain you didn't change any tuning option in the config between the two versions ? For example reducing the size of the SSL session cache could make a difference. It would be useful if you could also test with 2.4.16 to help figure if that's related to a change between 2.4.15->16 or 2.4.16->17. Regards, Willy