Hi !
I have two different installations of mod-ssl,
mod_ssl-2.3.3-1.3.6 and mod_ssl-2.3.1-1.3.6, where I use the same httpd.conf.
When I compare the two different responsetimes of the servers I notice that
the older version is about 7 times faster then the latest version ? How is
it possible that the handshake is slower in the latest version ? I seem to have
the same problem on both unix and NT. Is it possible to do any optimization in
httpd.conf ?
Here is a trace of the negotiation:
[17/Jun/1999 12:33:10] [trace] OpenSSL: Handshake:
start
[17/Jun/1999 12:33:10] [trace] OpenSSL: Loop: before/accept initialization
[17/Jun/1999 12:33:10] [trace] OpenSSL: Loop: SSLv3 read client hello A
[17/Jun/1999 12:33:10] [trace] OpenSSL: Loop: SSLv3 write server hello A
[17/Jun/1999 12:33:10] [trace] OpenSSL: Loop: SSLv3 write certificate A
[17/Jun/1999 12:33:11] [trace] OpenSSL: Loop: SSLv3 write key exchange A
[17/Jun/1999 12:33:11] [trace] OpenSSL: Loop: SSLv3 write server done A
[17/Jun/1999 12:33:11] [trace] OpenSSL: Loop: SSLv3 flush data
[17/Jun/1999 12:33:13] [trace] OpenSSL: Loop: SSLv3 read client key exchange A
[17/Jun/1999 12:33:13] [trace] OpenSSL: Loop: SSLv3 read finished A
[17/Jun/1999 12:33:13] [trace] OpenSSL: Loop: SSLv3 write change cipher spec A
[17/Jun/1999 12:33:13] [trace] OpenSSL: Loop: SSLv3 write finished A
[17/Jun/1999 12:33:13] [trace] OpenSSL: Loop: SSLv3 flush data
[17/Jun/1999 12:33:13] [trace] Inter-Process Session Cache: request=SET id=763F05FE3BA575274E7F94683641B9544C3F1CF7D3C593F0C005C1170A1F6877 timeout=297s (session caching)
[17/Jun/1999 12:33:13] [trace] OpenSSL: Handshake: done
[17/Jun/1999 12:33:13] [info] Connection: Client IP: 192.168.52.244, Protocol: TLSv1, Cipher: EDH-RSA-DES-CBC3-SHA (168/168 bits)
[17/Jun/1999 12:33:13] [info] Initial (No.1) HTTPS request received for child 2 (server localhost:443)
[17/Jun/1999 12:33:13] [trace] OpenSSL: Write: SSL negotiation finished successfully
[17/Jun/1999 12:33:13] [info] Connection to child 2 closed with standard shutdown (server localhost:443)
[17/Jun/1999 12:33:10] [trace] OpenSSL: Loop: before/accept initialization
[17/Jun/1999 12:33:10] [trace] OpenSSL: Loop: SSLv3 read client hello A
[17/Jun/1999 12:33:10] [trace] OpenSSL: Loop: SSLv3 write server hello A
[17/Jun/1999 12:33:10] [trace] OpenSSL: Loop: SSLv3 write certificate A
[17/Jun/1999 12:33:11] [trace] OpenSSL: Loop: SSLv3 write key exchange A
[17/Jun/1999 12:33:11] [trace] OpenSSL: Loop: SSLv3 write server done A
[17/Jun/1999 12:33:11] [trace] OpenSSL: Loop: SSLv3 flush data
[17/Jun/1999 12:33:13] [trace] OpenSSL: Loop: SSLv3 read client key exchange A
[17/Jun/1999 12:33:13] [trace] OpenSSL: Loop: SSLv3 read finished A
[17/Jun/1999 12:33:13] [trace] OpenSSL: Loop: SSLv3 write change cipher spec A
[17/Jun/1999 12:33:13] [trace] OpenSSL: Loop: SSLv3 write finished A
[17/Jun/1999 12:33:13] [trace] OpenSSL: Loop: SSLv3 flush data
[17/Jun/1999 12:33:13] [trace] Inter-Process Session Cache: request=SET id=763F05FE3BA575274E7F94683641B9544C3F1CF7D3C593F0C005C1170A1F6877 timeout=297s (session caching)
[17/Jun/1999 12:33:13] [trace] OpenSSL: Handshake: done
[17/Jun/1999 12:33:13] [info] Connection: Client IP: 192.168.52.244, Protocol: TLSv1, Cipher: EDH-RSA-DES-CBC3-SHA (168/168 bits)
[17/Jun/1999 12:33:13] [info] Initial (No.1) HTTPS request received for child 2 (server localhost:443)
[17/Jun/1999 12:33:13] [trace] OpenSSL: Write: SSL negotiation finished successfully
[17/Jun/1999 12:33:13] [info] Connection to child 2 closed with standard shutdown (server localhost:443)
/Best Regards,
Patrick Harlin, Tech.Consultant,
Media Communications Eur AB (publ)
