Hello Javier,
Well after writing my answer to michal a few hours ago (and restart stunnel again) ... still 25% !
For sure something is wrong... and looking at log file no "DH parameters end" event since I restarted stunnel 3 hours ago.
Something goes wrong with this calculation cycle that make it never end.
regards.
J> On Sun, 14 Jun 2015 06:59:52 +0200 J> Michal Trojnara Michal.Trojnara@mirt.net wrote:
After 1 minute of running stunnel running in server mode starts computing new DH parameters. This usually takes a few minutes depending on your hardware. The process is repeated every 24 hours.
J> Hi,
J> depending on your hardware, and what hardware we need now to run J> stunnel in server mode...
J> I see that the difference with previous versions are these 2 lines: J> Using hardcoded DH parameters J> DH initialized with 2048-bit key
J> Looking that I'm over 15 minutes now (and waiting) running the J> command openssl dhparam 2048 to generate static one, this could be a J> nightmare every 24 hours. For me isn't 25%CPU it is above 50% (or J> 100% in one thread) in a humble Pentium 4.
J> For me, too much. That is why I decided to follow your advice but, J> anyway, this takes so much to be by default for every system where J> stunnel runs. Some people might have stunnel running in lower specs J> hardware for a tiny server.
J> It is only my opinion.
J> Regards.
J> P.S.: I waited till end before send this to the list and took, J> finally, over 20 minutes... J> _______________________________________________ J> stunnel-users mailing list J> stunnel-users@stunnel.org J> https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
mailto:dodfr@yahoo.com