[openssl-users] OpenSSL performance issue
Kurt Roeckx
kurt at roeckx.be
Thu Dec 18 21:36:08 UTC 2014
On Fri, Dec 19, 2014 at 02:30:07AM +0530, Prabhat Puroshottam wrote:
> ***************************************
> This is for *Client -> Agent*
> ***************************************
[...]
> Version 3.1
[...]
> cipherSuite TLS_RSA_WITH_AES_256_CBC_SHA
[...]
> ***************************************
> This is for *Client -> Proxy Server*
> ***************************************
> cipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA
So the differnce here is that jave picks a DHE ciphersuite while
otherwise you didn't. DHE gives you forward secrecy but is
slower.
You're also not using session resumption which might speed up the
whole process. It at least looks like that proxy server might
support that.
You also seem to be using an old version of openssl that only
supports TLSv1, I suggest you upgrade.
Kurt
More information about the openssl-users
mailing list