On 19/12/14 15:17, Brian Reichert wrote: > On Fri, Dec 19, 2014 at 02:30:07AM +0530, Prabhat Puroshottam wrote: >> As you can see the big time difference between the two executions - which >> actually involve the same application level data. The largest chunk of >> time is spent waiting for handshake from *Proxy Server*. The response time >> of *Proxy Server* in replying back with ServerHello, varies greatly >> between 1.5 to 11 seconds across different runs. In the present case it is >> nearly 3.3 seconds - which IMO is not acceptable. > Is Client providing a certicate? Perhaps Proxy is spending time > checking CRLs. That would involve Proxy reaching out to one or > more URLs, with the attendant latencies of DNS resolution, TCP > session setup, and HTTP requests. > Client certificates are not provided as part of the ClientHello, so I don't think this is the problem. Matt
