# apache with openssl *very* slow

## dreamer

Hi,

I assume the topic tells enough.. I've installed apache 2.0.47 with openssl 0.9.6j and everything seems to be working. However, when i visit my webpage in secure mode it takes >30 secs to connect.

Of course i have searched the forum and did some googling and this came up with adjusting the SSLRandomSeed. I have played around with it, but it doesn't make any difference.

Maybe it's my machine ( Cyrix 166mhz, 24 mem ), but "normal" ( insecure ) is working fine.

I really want to use ssl, but as it is now, it's not useable.

Any idea's?

* would it make a difference if i use mod_ssl ?

----------

## Genone

Encryption uses some CPU power, so it could be your rather slow hardware, but 30 seconds look a bit too much. You can test the encryption speed with somthing like

```

dd if=/dev/urandom of=/tmp/testdata bs=1024 count=1024

time openssl enc -blowfish -pass pass:bla -in /tmp/testdata -out /dev/null

```

that would give you the time needed to encrypt 1 MB of random data, if it needs more than 5-10 seconds I really suspect your hardware is the cause.

mod_ssl won't help you as it is only for apache-1.

----------

## dreamer

That's definitly not the problem, it takes less then a second to encrypt the data.

Funny thing is, when i monitor the server with netstat i notice that the client isn't connecting at all. And then, after +/- 30 secs there is suddenly life.

Seems quite strange behaviour to me   :Confused: 

----------

## saschabieler

Got the same problem on a pentium 2.40GHz with 1 Gig RAM.

Did you find a solution?

Regards 

Sascha

----------

## kashani

When anything takes 10-30 secs to get going DNS should always be the first suspect. I'd make sure you're hostname and any other names for your server are in the /etc/hosts file.

Also check your logs, there may be an explantion in your ssl logs.

kashani

----------

## pachanga

I have the same problem  :Sad:  The strangest thing is that Apache SSL serves small pages faster than big ones. 

Small pages are served almost instantly while large ones are served piece by piece: the first piece(about halve of the page) is sent to the browser very fast  but the rest page pieces take 30-50 secs to be served...

Any ideas?

----------

## pachanga

I grepped my ssl_engine_log for one of the slow requests, here it is:

```

[25/Aug/2006 18:29:56 06376] [info]  Connection to child 3 established (server localhost:443:443, client xxx.xxx.xxx.xxx)

[25/Aug/2006 18:29:56 06376] [info]  Seeding PRNG with 512 bytes of entropy

[25/Aug/2006 18:29:56 06376] [info]  Connection: Client IP: xxx.xxx.xxx.xxx, Protocol: SSLv3, Cipher: DHE-RSA-AES256-SHA (256/256 bits)

[25/Aug/2006 18:29:56 06376] [info]  Initial (No.1) HTTPS request received for child 3 (server mysite.com:443)

[25/Aug/2006 18:30:12 06376] [info]  Connection to child 3 closed with standard shutdown (server localhost:443:443, client xxx.xxx.xxx.xxx)

[25/Aug/2006 18:31:05 06588] [info]  Connection to child 6 established (server localhost:443:443, client xxx.xxx.xxx.xxx)

[25/Aug/2006 18:31:05 06588] [info]  Seeding PRNG with 512 bytes of entropy

[25/Aug/2006 18:31:05 06588] [info]  Connection: Client IP: xxx.xxx.xxx.xxx, Protocol: SSLv3, Cipher: DHE-RSA-AES256-SHA (256/256 bits)

[25/Aug/2006 18:31:05 06588] [info]  Initial (No.1) HTTPS request received for child 6 (server mysite.com:443)

[25/Aug/2006 18:31:06 06790] [info]  Connection: Client IP: xxx.xxx.xxx.xxx, Protocol: SSLv3, Cipher: DHE-RSA-AES256-SHA (256/256 bits)

[25/Aug/2006 18:31:06 06790] [info]  Initial (No.1) HTTPS request received for child 3 (server mysite.com:443)

[25/Aug/2006 18:31:06 06790] [info]  Subsequent (No.2) HTTPS request received for child 3 (server mysite.com:443)

[25/Aug/2006 18:31:06 06790] [info]  Subsequent (No.3) HTTPS request received for child 3 (server mysite.com:443)

[25/Aug/2006 18:31:06 06790] [info]  Subsequent (No.4) HTTPS request received for child 3 (server mysite.com:443)

[25/Aug/2006 18:31:06 06790] [info]  Subsequent (No.5) HTTPS request received for child 3 (server mysite.com:443)

[25/Aug/2006 18:31:06 06790] [info]  Subsequent (No.6) HTTPS request received for child 3 (server mysite.com:443)

[25/Aug/2006 18:31:06 06790] [info]  Subsequent (No.7) HTTPS request received for child 3 (server mysite.com:443)

[25/Aug/2006 18:31:06 06790] [info]  Subsequent (No.8) HTTPS request received for child 3 (server mysite.com:443)

[25/Aug/2006 18:31:06 06790] [info]  Subsequent (No.9) HTTPS request received for child 3 (server mysite.com:443)

[25/Aug/2006 18:33:05 06588] [info]  Connection to child 6 closed with standard shutdown (server localhost:443:443, client xxx.xxx.xxx.xxx)

[25/Aug/2006 18:33:05 07177] [info]  Connection to child 7 established (server localhost:443:443, client xxx.xxx.xxx.xxx)

[25/Aug/2006 18:33:05 07177] [info]  Seeding PRNG with 512 bytes of entropy

[25/Aug/2006 18:33:05 07172] [info]  Connection to child 3 established (server localhost:443:443, client xxx.xxx.xxx.xxx)

[25/Aug/2006 18:33:05 07172] [info]  Seeding PRNG with 512 bytes of entropy

[25/Aug/2006 18:33:06 07177] [info]  Connection: Client IP: xxx.xxx.xxx.xxx, Protocol: SSLv3, Cipher: DHE-RSA-AES256-SHA (256/256 bits)

[25/Aug/2006 18:33:06 07172] [info]  Connection: Client IP: xxx.xxx.xxx.xxx, Protocol: SSLv3, Cipher: DHE-RSA-AES256-SHA (256/256 bits)

[25/Aug/2006 18:33:06 07177] [info]  Initial (No.1) HTTPS request received for child 7 (server mysite.com:443)

[25/Aug/2006 18:33:06 07172] [info]  Initial (No.1) HTTPS request received for child 3 (server mysite.com:443)

[25/Aug/2006 18:33:06 07177] [info]  Subsequent (No.2) HTTPS request received for child 7 (server mysite.com:443)

[25/Aug/2006 18:33:08 07172] [info]  Subsequent (No.2) HTTPS request received for child 3 (server mysite.com:443)

[25/Aug/2006 18:33:08 07172] [info]  Connection to child 3 closed with standard shutdown (server localhost:443:443, client xxx.xxx.xxx.xxx)

```

It took it 3 minutes to get served!

----------

