[stunnel-users] stunnel 5.18 may keep high CPU usage

Javier meresponde2001-stn at yahoo.es
Sun Jun 14 16:47:37 CEST 2015

On Sun, 14 Jun 2015 06:59:52 +0200
Michal Trojnara <Michal.Trojnara at mirt.net> wrote:

> After 1 minute of running stunnel running in server mode starts
> computing new DH parameters.  This usually takes a few minutes
> depending on your hardware.  The process is repeated every 24 hours.


depending on your hardware, and what hardware we need now to run
stunnel in server mode...

I see that the difference with previous versions are these 2 lines:
Using hardcoded DH parameters
DH initialized with 2048-bit key

Looking that I'm over 15 minutes now (and waiting) running the
command openssl dhparam 2048 to generate static one, this could be a
nightmare every 24 hours. For me isn't 25%CPU it is above 50% (or
100% in one thread) in a humble Pentium 4.

For me, too much. That is why I decided to follow your advice but,
anyway, this takes so much to be by default for every system where
stunnel runs. Some people might have stunnel running in lower specs
hardware for a tiny server.

It is only my opinion.


P.S.: I waited till end before send this to the list and took,
finally, over 20 minutes...

More information about the stunnel-users mailing list