How much of a performance hit for https vs http for apache?

For a quick&dirty test (i.e. no optimization whatsoever!) I enabled the simple Ubuntu apache2 default website (which just says “It works!”) with both http and https (self-signed certificate) on a local Ubuntu 9.04 VM and ran the apache benchmark “ab” with 10,000 requests (no concurrency). Client and server were on the same machine/VM:

Results for http (“ab -n 10000 http://ubuntu904/index.html“)

  • Time taken for tests: 2.664 seconds
  • Requests per second: 3753.69 (#/sec)
  • Time per request: 0.266ms

Results for https (“ab -n 10000 https://ubuntu904/index.html“):

  • Time taken for tests: 107.673 seconds
  • Requests per second: 92.87 (#/sec)
  • Time per request: 10.767ms

If you take a closer look (e.g. with tcpdump or wireshark) at the tcp/ip communication of a single request you’ll see that the http case requires 10 packets between client and server whereas https requires 16: Latency is much higher with https. (More about the importance of latency here)

Adding keep-alive (ab option -k) to the test improves the situation because now all requests share the same connection i.e. the SSL overhead is lower – but https is still measurable slower:

Results for http with keep-alive (“ab -k -n 10000 http://ubuntu904/index.html“)

  • Time taken for tests: 1.200 seconds
  • Requests per second: 8334.86 (#/sec)
  • Time per request: 0.120ms

Results for https with keep-alive (“ab -k -n 10000 https://ubuntu904/index.html“):

  • Time taken for tests: 2.711 seconds
  • Requests per second: 3688.12 (#/sec)
  • Time per request: 0.271ms

Conclusion:

  • In this simple testcase https is much slower than http.
  • It’s a good idea to enable https support and benchmark your website to see if you want to pay for the https overhead.
  • Use wireshark to get an impression of the SSL overhead.

Leave a Comment