

How to decrease CPU load on popular secure sites by 50 times? - valyala
http://my.opera.com/yngve/blog/2011/06/23/popular-but-sluggish-secure-server-popularity-might-not-be-the-reason

======
pronoiac
Their answer is using SSL Session Resume, and the figure in the headline isn't
based on benchmarking.

------
Joakal
When using Nginx, I noticed a penalty of 10x too when not using the SSL cache.

Stunnel and Nginx have SSL caches for those considering it.

~~~
auxbuss
Thanks for that piece of advice. I just went and found and followed this:
<http://nginx.org/en/docs/http/configuring_https_servers.html>

and gained a noticeable speed improvement on nginx.

Here's the nginx module docs, for completeness:
<http://wiki.nginx.org/HttpSslModule>

------
ay
Note that there is a reason to disable the session resume, see e.g.
[http://java.sun.com/javase/javaseforbusiness/docs/TLSReadme....](http://java.sun.com/javase/javaseforbusiness/docs/TLSReadme.html)

------
wglb
This is not the headline on the article.

The headline on the article is _Popular, but sluggish secure server?
Popularity might not be the reason._

Not good to editorialize.

------
jerhewet
"When you have multiple servers, you either need to share all the session
information between the servers (Apache does this using a database;IIS can't)"

Hmm. Grain of salt time, I guess.

<http://msdn.microsoft.com/en-us/library/ms178586.aspx>

~~~
pilif
The article you linked talks about HTTP session storage. The original article
talks about SSL sessions. That's not the same thing:

HTTP sessions are used to keep user state across different requests whereas
SSL sessions are a feature of the SSL protocol to decrease the amount of
encryption work needed across multiple HTTP connections per session.

