---------------------------------------- > Date: Thu, 18 Dec 2014 22:36:08 +0100 > From: kurt at roeckx.be > To: openssl-users at openssl.org > Subject: Re: [openssl-users] OpenSSL performance issue > > On Fri, Dec 19, 2014 at 02:30:07AM +0530, Prabhat Puroshottam wrote: >> *************************************** >> This is for *Client -> Agent* >> *************************************** > [...] >> Version 3.1 > [...] >> cipherSuite TLS_RSA_WITH_AES_256_CBC_SHA > [...] >> *************************************** >> This is for *Client -> Proxy Server* >> *************************************** >> cipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA > > So the differnce here is that jave picks a DHE ciphersuite while > otherwise you didn't. DHE gives you forward secrecy but is > slower. Being relatively new to OpenSSL and security programming in general, obviously I need to read into these, but could it cause the delay in sending ServerHello by Java Server. From your above statement I can make out that it might make overall communication slower, but I believe application data transfer is not the concern (at least not now), but only inordinate delay while performing SSL handshake. > You're also not using session resumption which might speed up the > whole process. It at least looks like that proxy server might > support that. Thanks, that was the next step I was going to work on. Would you be so kind as to point out to me how you figured out that proxy server might support session resumption? Sorry if this is a very naive question.
