?
Solved

How to test HTTPS overhead compared to HTTP?

Posted on 2013-12-05
6
Medium Priority
?
241 Views
Last Modified: 2014-11-12
Hi,

We are in the process of launching our site. it is currently designed with several non-secure pages, and we are only securing the login page and some other pages.
Since we are using a Load Balancer to offload the SSL to the backend Apache servers, we are having some issues with which pages need to be in SSL and which do not, it's quite a mess that we don't really have the time to solve.

I suggested just doing the whole thing in https, but we really have to investigate the possible added overhead if we take this approach.
I've been reading around, and I know now that slowness in https is not a fact, it heavily depends on what you are trying to serve. since our application is highly database centric, one could argue that the ssl overhead would be negligible.

I'm trying to get some actual results from testing, what I've done first is set up Jmeter to make a request to the same page in http and https. the results were identical, other than a "warmup" first request that was slower in https.

I don't think my test is meaningful, because:
a. I just realized that the first request was slow because of the SSL handshake, and all the following requests did not have to do the handshake again.
[EDIT: I just found a way to resolve that. unchecked "use keep-alive" in Jmeter, so each request makes its own SSL handshake, as far as I can see in the sniff]
b. Jmeter does not simulate the browser processing time for SSL.

Can anyone recommend another proper way of testing this?
obviously I can do it one at a time with my browser... but I would like to get some proper statistics instead of one refresh at a time

thanks
0
Comment
Question by:shootbox
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 16

Expert Comment

by:hankknight
ID: 39698710
Do you have access to a Linux command line?
0
 

Author Comment

by:shootbox
ID: 39698725
Yes
0
 
LVL 16

Accepted Solution

by:
hankknight earned 1500 total points
ID: 39698771
Time them both like this:
START=$(date +%s);wget --directory-prefix=tmpdir -E -H -k -K -p http://wiki.apache.org/ >/dev/null 2>&1;echo "It took $(( $(date +%s) - $START )) seconds"; rm -rf tmpdir

Open in new window

0
NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

 

Author Comment

by:shootbox
ID: 39700217
Thanks, but does also does not solve my second limitation - not taking into consideration the actual browser processing time for SSL. it seems that downloading command is more or less like what I was doing with Jmeter.
and.. really? testing performance with only a seconds resolution and not miliseconds?? :D
0
 
LVL 53

Expert Comment

by:Scott Fell, EE MVE
ID: 39704478
Do you have a large amount of visitors/very heavy usage that this would be a cause for concern?  SSL on every page seems to be common now.    This thread (including the answers not chosen) is worth a read http://www.experts-exchange.com/Software/Server_Software/Web_Servers/Apache/Q_28236294.html
0

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I annotated my article on ransomware somewhat extensively, but I keep adding new references and wanted to put a link to the reference library.  Despite all the reference tools I have on hand, it was not easy to find a way to do this easily. I finall…
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
This Micro Tutorial will demonstrate how to add subdomains to your content reports. This can be very importing in having a site with multiple subdomains.
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question