Hi,
I am not sure whether the problem i am going to describe had been
already faced by someone? At least I tried to look into google and
httpd mail archives but didn't get much help, so I am writing this
mail.
I am running apache 2.2.17 on Linux 2.6.18-128.el5 with 16 Intel Xeon
E7440 @ 2.40GHz processors. we have 64 GB of memory out of which 24
GB is free which I can use for apache web server.
As subject specifies, I have problem with running Apache on SSL only.
I tried to use 'ab' and tested port 80 & 443 both. port 80 is too fast
than running the server with port 443. Here is the ab o/p (some part I
have removed from o/p for better reading) -
for SSL (port 443) -
# ./ab -n 10000 -c 250 https://192.34.32.11/smcommon/index.html
Server Software: Apache/2.2.17
Server Hostname: 192.34.32.11
Server Port: 443
SSL/TLS Protocol: TLSv1/SSLv3,DHE-RSA-AES256-SHA,1024,256
Time taken for tests: 54.401 seconds
Requests per second: 181.84 [#/sec] (mean)
Time per request: 1374.843 [ms] (mean)
Time per request: 5.499 [ms] (mean, across all concurrent requests)
Transfer rate: 560.51 [Kbytes/sec] received
Connection Times (ms)
min mean[+/-sd] median max
Connect: 63 863 249.8 859 1844
Processing: 17 508 318.2 502 2591
Waiting: 1 222 286.3 95 2339
Total: 723 1371 238.4 1357 3633
Percentage of the requests served within a certain time (ms)
50% 1357
66% 1368
75% 1374
80% 1381
90% 1414
95% 1758
98% 1968
99% 2698
100% 3633 (longest request)
for SSL (port 80) -
# ./ab -n 10000 -c 250 http://192.34.32.11/smcommon/index.html
Server Software: Apache/2.2.17
Server Hostname: 192.34.32.11
Server Port: 80
Time taken for tests: 0.867 seconds
Requests per second: 11531.99 [#/sec] (mean)
Time per request: 21.679 [ms] (mean)
Time per request: 0.087 [ms] (mean, across all concurrent requests)
Transfer rate: 4887.58 [Kbytes/sec] received
Connection Times (ms)
min mean[+/-sd] median max
Connect: 0 4 2.4 3 13
Processing: 6 18 17.5 17 236
Waiting: 4 12 17.6 10 228
Total: 6 21 18.2 19 243
Percentage of the requests served within a certain time (ms)
50% 19
66% 22
75% 23
80% 24
90% 25
95% 26
98% 28
99% 30
100% 243 (longest request)
in httpd-ssl.conf -
Listen 192.34.32.11:443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCache
"shmcb:/mount/app01/psoftweb/apache-2.2.17/logs/ssl_scache(512000)"
SSLSessionCacheTimeout 300
SSLMutex "file:/mount/app01/psoftweb/apache-2.2.17/logs/ssl_mutex"
<VirtualHost 192.34.32.11:443>
ServerAdmin you@xxxxxxxxxxx
ErrorLog "logs/error_log"
LogFormat "%h %l %{sm_user}i %t \"%r\" %>s %b" common
CustomLog "logs/access_log" common
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4-MD5:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile "cert/abc_com.crt"
SSLCertificateKeyFile "cert/abc-xyz.key"
SSLCACertificateFile "cert/TrustedSecureCertificateAuthority.crt"
</VirtualHost>
This is my mpm settings for worker -
<IfModule mpm_worker_module>
ServerLimit 25
StartServers 10
MaxClients 525
MinSpareThreads 50
MaxSpareThreads 300
ThreadsPerChild 25
MaxRequestsPerChild 0
</IfModule>
I understand that connecting with https will take some more time as it
involves handshaking and all but as per o/p of ab it's not acceptable.
My problem is, on the same server sun one web server is working really
good and also provide far better result. I am not sure what I am
missing in Apache config that need to be tuned? It shouldn't be any
TCP/IP setting on that server as sun one web server is working really
good even with 400 concurrent users.
Please provide me any URL or any hint so that I can work on it
further. Any help will be great. Sorry for long mail :(
Thanks
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|