[stunnel-users] Inconsistent performance across stunnel and/or OpenSSL versions

• Previous message (by thread): [stunnel-users] Inconsistent performance across stunnel and/or OpenSSL versions
• Next message (by thread): [stunnel-users] Inconsistent performance across stunnel and/or OpenSSL versions
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

2013/4/18 PPingPongBaker PPingPongBaker <ppingpongbaker at gmail.com>:
>
> It appears including static DH params in the certificate brings the
> performance back up in 4.40 and onward.

If you need the best performance, then disabling DH key exchange might
be a good idea as it is quite time consuming. If you still need
forward secrecy then ECDH should be a lot better, especially with
OpenSSL 1.0.1. In all cases, it might be worth looking at Google SSL
configuration, it is configured for quite a lot of traffic:)
https://www.ssllabs.com/ssltest/analyze.html?d=google.com

--
Janusz Dziemidowicz

• Previous message (by thread): [stunnel-users] Inconsistent performance across stunnel and/or OpenSSL versions
• Next message (by thread): [stunnel-users] Inconsistent performance across stunnel and/or OpenSSL versions
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]