On 8/22/07, Lavoie,Alain [CMC] <Alain.Lavoie@xxxxxxxx> wrote: > Hello, > > I have a Debian etch with apache2-2.2.3-4 and openssl-0.9.8c-4 > 2 VirtualHosts are configured on this server, one regular on port 80 and > the other with SSL on port 443. > The 2 sites are almost the same except the one with SSL deals with > private informations. > When I request any pages on the regular site (port 80), the answer is > fast. However, when I do a request on the > SSL site, it's taking an average of 30sec to display the page. When I do > a tcpdump I can see an increase > of sync/ack, push traffics. This increase is around the double. I > created my certificate with this command: > make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem > and I have these 2 lines in my VH: > SSLEngine on > SSLCertificateFile /etc/apache2/ssl/apache.pem > > I'm sure this slowness and the increase of traffic are not > normal. Can someone gives me some > advises to fix this problem. I'm not an expert in this, but... More network exchanges with ssl would be perfectly normal, since the SSL layer needs to be setup before the HTTP transaction happens. But 30 seconds is absurdly long. The first place I would look is random number generation. Perhaps you need to check the setting of SSLRandomSeed. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx