Solved

Formula to determine SSL processing overhead for web transactions?

Posted on 2011-02-25
2
442 Views
Last Modified: 2012-06-22
Hi everyone,
Was wondering if any one had any thoughts on a formula which we could use to determine the overhead on a server to handle incoming SSL web connections.  Basically looking for a way to say with x number of ssl connections coming in, that causes y amount of overhead to process, which equals needing z resources on the server.  

Honestly not sure if there is a way to do this and guess would have to define certain things, like "what is a ssl transaction".  Is it the complete handshake or just the incoming hit, etc.

Curious to see if anyone has any thoughts...

Thanks.
0
Comment
Question by:frankrizzo1856
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 10

Expert Comment

by:lanboyo
ID: 34983972
Depends on the operating system.

On a unix box you can test with a self signed certificate and watch system resources with top as the connection is made and multiply by the number of desired connections. Barring this you can consult with your certificate vendor.
0
 
LVL 20

Accepted Solution

by:
edster9999 earned 500 total points
ID: 34984052
The overhead for SSL is very low compared to the benefits.
The 'heavy' CPU work happens on first contact.  Setting up the keys for the rest of the session involves pretty heavy asymmetrical encryption maths. But the good news is this only happens once at the start (well to be exact it will be repeated if your session lasts long enough - but that is not often)
The measure of this is not easy.  Every different system is different in how it deals with this. Some systems do it in software, some in hardware.
The best measure you could do would be to set up your system to return the same pages to http and https (with and without ssl) then to measure lots of pages.
Jmeter is a great tool for this.
Pull 100 pages from 10 users.  You'll find the first pages they pull are a bit slower but the other pages go just as quick as the non-ssl versions.
So the answer is.... Ssl will slow you down. But not much. A very rough 'guess' for a system which does all the ssl in software (like IIS) would be when you pull 10 pages the first one takes twists as much CPU as the non ssl version and the other 9 would use a little bit more so the CPU time for 10 ssl pages would be similar to 12 or 13 pages on the other non ssl site.
The advantage of security and safety make this worth while :)

0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Periodically we have to update or add SSL certificates for customers. Depending upon your hosting plan you may be responsible for the installation and/or key generation. In the wake of Heartbleed many sites were forced to re-key. We will concen…
When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
This is a high-level webinar that covers the history of enterprise open source database use. It addresses both the advantages companies see in using open source database technologies, as well as the fears and reservations they might have. In this…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question