This week's giveaway is in the EJB and other Java EE Technologies forum.
We're giving away four copies of EJB 3 in Action and have Debu Panda, Reza Rahman, Ryan Cuprak, and Michael Remijan on-line!
See this thread for details.
The moose likes Tomcat and the fly likes Slow SSL connections after Tomcat 5 to 7 migration Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of EJB 3 in Action this week in the EJB and other Java EE Technologies forum!
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Slow SSL connections after Tomcat 5 to 7 migration" Watch "Slow SSL connections after Tomcat 5 to 7 migration" New topic
Author

Slow SSL connections after Tomcat 5 to 7 migration

Michal Kapitula
Greenhorn

Joined: May 04, 2011
Posts: 2
Hi,

I've been experiencing trouble after migrating our company's web application from Tomcat 5 to Tomcat 7. There's a significant slowdown with https connections after the migration.

I'm aware that application has a flaw - there's a large number of http request needed for generating a page (> 100 requests), but these are mainly static content (css, js, images etc.) and only very limited (1-3) ammount of requests are for dynamically generated content.

I've just tested the page generation time via local network (and browser's cache off) and the page is being fully loaded in circa 2 seconds (with Firebug on) when using http, while loading the same page using secure connection took as much as 10 times longer. It's extremely weird for me, since I haven't noticed any significant differences between Tomcat 5 and 7 approaches to SSL and the server.xml file is pretty much the same.

Problems associated with server load, heavy user traffic or JVM params are rather not an option here. The memory and CPU usage constantly stays lower than with Tomcat 5.

Here are crucial parts of our server.xml file:




Well, except for defining global thread pool nothing really changed between our versions' configuration. I've experimented with Java Nio Blocking Connector, but haven't noticed any significant improvement. Also can't use APR Connector, because it's some kind of requirement that we must use keystore files we already have.

Any ideas on how to improve SSL performance and what could possibly go wrong?

Sorry for my English, for I'm not a native speaker .

Regards,

MK
Geet Srivastava
Greenhorn

Joined: May 04, 2011
Posts: 9
did you try with less number of threads (say 50), minSpare (25) and prestartminSpareThreads=false in executor?
Michal Kapitula
Greenhorn

Joined: May 04, 2011
Posts: 2
No, can't see why it should affect SSL performance.

More threads avaliable, more requests can be handled and prestartminSpareThreads=true is an improvement, as thread pool is filled with (in this case) large portion of avaliable threads at the start of Tomcat. In case of larger page traffic, Tomcat can save time associated with creating new threads to handle requests, at cost of maintaining the these (300) threads at all times. Moreover, both http and https connectors share same thread pool...
Geet Srivastava
Greenhorn

Joined: May 04, 2011
Posts: 9
you mentioned that your 5's server.xml and 7's server.xml look pretty much the same with respect to ssl. executor is the only big difference. so, test it and see if it can be ruled out. it should not take more than few minutes to do it. there is no need to depend on guess work when something can be tested very quickly.
more threads do not always mean more performance in practice.
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
 
subject: Slow SSL connections after Tomcat 5 to 7 migration
 
Similar Threads
server.xml doesn't have this element
UTF-8 encoding problem
http request sending garbage response when request is sent on SSL port.
axis: tomcat always do http compression without watch min size in apps
Tomcat and I/O Operations