Hello Javier, Well after writing my answer to michal a few hours ago (and restart stunnel again) ... still 25% !
For sure something is wrong... and looking at log file no "DH parameters end" event since I restarted stunnel 3 hours ago. Something goes wrong with this calculation cycle that make it never end. regards. J> On Sun, 14 Jun 2015 06:59:52 +0200 J> Michal Trojnara <[email protected]> wrote: >> After 1 minute of running stunnel running in server mode starts >> computing new DH parameters. This usually takes a few minutes >> depending on your hardware. The process is repeated every 24 hours. >> J> Hi, J> depending on your hardware, and what hardware we need now to run J> stunnel in server mode... J> I see that the difference with previous versions are these 2 lines: J> Using hardcoded DH parameters J> DH initialized with 2048-bit key J> Looking that I'm over 15 minutes now (and waiting) running the J> command openssl dhparam 2048 to generate static one, this could be a J> nightmare every 24 hours. For me isn't 25%CPU it is above 50% (or J> 100% in one thread) in a humble Pentium 4. J> For me, too much. That is why I decided to follow your advice but, J> anyway, this takes so much to be by default for every system where J> stunnel runs. Some people might have stunnel running in lower specs J> hardware for a tiny server. J> It is only my opinion. J> Regards. J> P.S.: I waited till end before send this to the list and took, J> finally, over 20 minutes... J> _______________________________________________ J> stunnel-users mailing list J> [email protected] J> https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users mailto:[email protected] _______________________________________________ stunnel-users mailing list [email protected] https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
