Hi Tomasz,

On Fri, May 20, 2022 at 05:17:19PM +0200, Tomasz Ludwiczak wrote:
> Hi,
> I am seeing an increase in SSL Key Generation after upgrading from 2.4.15
> to 2.4.17. I have not changed the openssl version. Does anyone have an idea
> what this could be related to?
> I have looked at the changes from 2.4.16 and 2.4.17 and nothing obvious
> pointing to changes around TLS reuse.

Interesting, I've reviewed the fixes merged between the two and cannot
find anything relevant. Do you have copies of the "show info" output
before the upgrade to compare before and after ? There are SSL lookups
and misses there. These could give some hints about what is happening.
Have you tried reverting to 2.4.15 to see if the problem disappears ?
We could for example imagine that it's concommittant with another change
that happened during the same upgrade (e.g. openssl lib upgrade), even
if I would find it unlikely as well. Are you certain you didn't change
any tuning option in the config between the two versions ? For example
reducing the size of the SSL session cache could make a difference.

It would be useful if you could also test with 2.4.16 to help figure if
that's related to a change between 2.4.15->16 or 2.4.16->17.


Reply via email to