I would like to test the performance difference between enabled and disabled SSLCaching. I use a configuration file for Stunnel 4.11 (daemon mode) where I tell it to accept incoming connections on port 444 and direct them to a local web-server on port 80.
Find code like this in the stunnel source:
SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_BOTH);
SSL_set_session(c->ssl, ctx->session_cache_head))
and comment any occurances out. Recompile. Should do the trick.
Another question is if anyone of you has made any performance tests regarding STunnel in combination with an Apache HTTP server on the same machine. I'm specially interested in modes to get this combination run faster. And now please do not tell me to use mod_ssl. :)
Benchmark different key lengths and ciphers until you find the one that's fastest.
And use session caching!