[stunnel-users] SSL Session Cache and HTTPS performance
Brian Hatch
bri at stunnel.org
Tue Jul 19 06:26:32 CEST 2005
> I would like to test the performance difference between enabled and
> disabled SSLCaching. I use a configuration file for Stunnel 4.11 (daemon
> mode) where I tell it to accept incoming connections on port 444 and
> direct them to a local web-server on port 80.
Find code like this in the stunnel source:
SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_BOTH);
SSL_set_session(c->ssl, ctx->session_cache_head))
and comment any occurances out. Recompile. Should do the trick.
> Another question is if anyone of you has made any performance tests
> regarding STunnel in combination with an Apache HTTP server on the same
> machine. I'm specially interested in modes to get this combination run
> faster. And now please do not tell me to use mod_ssl. :)
Benchmark different key lengths and ciphers until you find the one
that's fastest.
And use session caching!
--
Brian Hatch Whatever hits the
Systems and fan will not be
Security Engineer evenly distributed.
http://www.ifokr.org/bri/
Every message PGP signed
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20050718/989cefff/attachment.sig>
More information about the stunnel-users
mailing list