> On Apr 16, 2016, at 11:16 AM, Reindl Harald <[email protected]> wrote: > > > Am 16.04.2016 um 18:46 schrieb Phil Sorber: >> Ok, here is my final plan then. I am going to mark them all deprecated >> for 6.2.x. > > when you are at it fix the problem that ATS is the only TLS webserver out > there which can't be benchmarked with "ab" reported by my *over years* > multiple times while none of the httpd-servers with TLS have SSL2/SSL3 > enabled becuas efrankly our openssl has no support für anything below TLS1.0 > at all
I’m not sure what problem exactly you are pointing at here. Is it a bug in ab? Is it a bug in your OpenSSL implementation? Fwiw, I’ve never been able to reproduce this, e.g. this works just fine on CentOS7 (and I have SSL v2 and v3 disabled, of course): $ ab -c 5 -n 100 https://docs.trafficserver.apache.org/ Server Software: ATS/6.2.0 Server Hostname: docs.trafficserver.apache.org Server Port: 443 SSL/TLS Protocol: TLSv1.2,ECDHE-RSA-AES128-GCM-SHA256,2048,128 Document Path: / Document Length: 229 bytes Concurrency Level: 5 Time taken for tests: 2.758 seconds … Looking at your error messages, it sounds like your ab is trying to use SSL v3, which (hopefully?) is disabled on your ATS box? Ciao, — leif > > [harry@srv-rhsoft:~]$ ab -c 5 -n 100 https://www.thelounge.net/ > This is ApacheBench, Version 2.3 <$Revision: 1706008 $> > Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/ > Licensed to The Apache Software Foundation, http://www.apache.org/ > > Benchmarking www.thelounge.net (be patient)...SSL handshake failed (1). > 140124746237920:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 > alert handshake failure:s23_clnt.c:769: > SSL handshake failed (1). > 140124746237920:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 > alert handshake failure:s23_clnt.c:769: > SSL handshake failed (1). > 140124746237920:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 > alert handshake failure:s23_clnt.c:769: >
