Solved

How to test HTTPS overhead compared to HTTP?

Posted on 2013-12-05
6
236 Views
Last Modified: 2014-11-12
Hi,

We are in the process of launching our site. it is currently designed with several non-secure pages, and we are only securing the login page and some other pages.
Since we are using a Load Balancer to offload the SSL to the backend Apache servers, we are having some issues with which pages need to be in SSL and which do not, it's quite a mess that we don't really have the time to solve.

I suggested just doing the whole thing in https, but we really have to investigate the possible added overhead if we take this approach.
I've been reading around, and I know now that slowness in https is not a fact, it heavily depends on what you are trying to serve. since our application is highly database centric, one could argue that the ssl overhead would be negligible.

I'm trying to get some actual results from testing, what I've done first is set up Jmeter to make a request to the same page in http and https. the results were identical, other than a "warmup" first request that was slower in https.

I don't think my test is meaningful, because:
a. I just realized that the first request was slow because of the SSL handshake, and all the following requests did not have to do the handshake again.
[EDIT: I just found a way to resolve that. unchecked "use keep-alive" in Jmeter, so each request makes its own SSL handshake, as far as I can see in the sniff]
b. Jmeter does not simulate the browser processing time for SSL.

Can anyone recommend another proper way of testing this?
obviously I can do it one at a time with my browser... but I would like to get some proper statistics instead of one refresh at a time

thanks
0
Comment
Question by:shootbox
  • 3
  • 2
6 Comments
 
LVL 16

Expert Comment

by:hankknight
ID: 39698710
Do you have access to a Linux command line?
0
 

Author Comment

by:shootbox
ID: 39698725
Yes
0
 
LVL 16

Accepted Solution

by:
hankknight earned 500 total points
ID: 39698771
Time them both like this:
START=$(date +%s);wget --directory-prefix=tmpdir -E -H -k -K -p http://wiki.apache.org/ >/dev/null 2>&1;echo "It took $(( $(date +%s) - $START )) seconds"; rm -rf tmpdir

Open in new window

0
Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 

Author Comment

by:shootbox
ID: 39700217
Thanks, but does also does not solve my second limitation - not taking into consideration the actual browser processing time for SSL. it seems that downloading command is more or less like what I was doing with Jmeter.
and.. really? testing performance with only a seconds resolution and not miliseconds?? :D
0
 
LVL 52

Expert Comment

by:Scott Fell, EE MVE
ID: 39704478
Do you have a large amount of visitors/very heavy usage that this would be a cause for concern?  SSL on every page seems to be common now.    This thread (including the answers not chosen) is worth a read http://www.experts-exchange.com/Software/Server_Software/Web_Servers/Apache/Q_28236294.html
0
 
LVL 16

Expert Comment

by:hankknight
ID: 39711301
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Imagine a situation that you have installed SSL (http://en.wikipedia.org/wiki/Secure_Sockets_Layer) Certificate on your Cisco ASA (Cisco Adaptive Security Appliance) firewall. Installation of SSL certificate on ASA is an another topic for which you …
If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
This Micro Tutorial will demonstrate how to add subdomains to your content reports. This can be very importing in having a site with multiple subdomains.
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question