For a quick&dirty test (i.e. no optimization whatsoever!) I enabled the simple Ubuntu apache2 default website (which just says “It works!”) with both http and https (self-signed certificate) on a local Ubuntu 9.04 VM and ran the apache benchmark “ab
” with 10,000 requests (no concurrency). Client and server were on the same machine/VM:
Results for http (“ab -n 10000 http://ubuntu904/index.html
“)
- Time taken for tests: 2.664 seconds
- Requests per second: 3753.69 (#/sec)
- Time per request: 0.266ms
Results for https (“ab -n 10000 https://ubuntu904/index.html
“):
- Time taken for tests: 107.673 seconds
- Requests per second: 92.87 (#/sec)
- Time per request: 10.767ms
If you take a closer look (e.g. with tcpdump or wireshark) at the tcp/ip communication of a single request you’ll see that the http case requires 10 packets between client and server whereas https requires 16: Latency is much higher with https. (More about the importance of latency here)
Adding keep-alive (ab
option -k
) to the test improves the situation because now all requests share the same connection i.e. the SSL overhead is lower – but https is still measurable slower:
Results for http with keep-alive (“ab -k -n 10000 http://ubuntu904/index.html
“)
- Time taken for tests: 1.200 seconds
- Requests per second: 8334.86 (#/sec)
- Time per request: 0.120ms
Results for https with keep-alive (“ab -k -n 10000 https://ubuntu904/index.html
“):
- Time taken for tests: 2.711 seconds
- Requests per second: 3688.12 (#/sec)
- Time per request: 0.271ms
Conclusion:
- In this simple testcase https is much slower than http.
- It’s a good idea to enable https support and benchmark your website to see if you want to pay for the https overhead.
- Use wireshark to get an impression of the SSL overhead.