libesphttpd icon indicating copy to clipboard operation
libesphttpd copied to clipboard

Published 20 hours ago verified publisher icon chmorgan

Problem with SSL mode.

Open marbalon opened this issue 6 years ago • 3 comments

I have libesphttpd working find on ESP32 + esp-idf 3.3. Today I tried to enable SSL support. I got logs and everything seems to work fine but SSL_accept takes about 11 second...(see logs below). This is not the latest version, but I didn't see any commits related with this. My current version is 51084e0. About 140kb RAM free before I call https request.

Any ideas to solve this problem ? ``

I (10618) httpd-freertos: address 0.0.0.0, port 443, maxConnections 16, mode ssl I (10618) httpd-freertos: SSL server context create ...... I (10618) httpd-freertos: OK I (10618) httpd-freertos: SSL server context setting ca certificate...... I (10628) httpd-freertos: OK I (10628) httpd-freertos: SSL server context setting private key...... I (10958) httpd-freertos: init I (11018) httpd-freertos: esphttpd: active and listening to connections on 0.0.0.0 D (11018) httpd-freertos: Sel add listen 54 I (11018) httpd-freertos: listening for new connections on '0.0.0.0' D (13948) httpd-freertos: select ret D (13948) httpd-freertos: SSL server create ..... D (13948) httpd-freertos: OK D (13948) httpd-freertos: SSL server accept client ..... D (24388) httpd-freertos: OK D (24388) httpd-freertos: Sel add listen 54 D (24498) httpd-freertos: select ret

`` Thanks Marcin.

marbalon avatar Jun 17 '19 12:06 marbalon

Hi @marbalon what is the issue you are seeing? Is the listen failing?

chmorgan avatar Jun 18 '19 00:06 chmorgan

The problem is long SSL_Accept - about 11seconds. Test above was made using wget command, but chrome restarts request every 5seconds.

D (13948) httpd-freertos: SSL server accept client ..... //waiting 11 seconds D (24388) httpd-freertos: OK

marbalon avatar Jun 18 '19 05:06 marbalon

That’s pretty typical. The key exchange is a computationally expensive process. I’m guessing we could specify our preference for faster key approaches, if supported by mbedtls, to speed this up, but this kind of time is what I’ve always seen on ssl connections on esp32.

Has it been quicker for you in the past?

Chris

On Tue, Jun 18, 2019 at 1:48 AM marbalon [email protected] wrote:

The problem is long SSL_Accept - about 11seconds. Test above was made using wget command, but chrome restarts request every 5seconds.

D (13948) httpd-freertos: SSL server accept client ..... //waiting 11 seconds D (24388) httpd-freertos: OK

— You are receiving this because you commented.

Reply to this email directly, view it on GitHub https://github.com/chmorgan/libesphttpd/issues/67?email_source=notifications&email_token=AAJH4ABCJT6GDWS4YSO2C3TP3BZJJA5CNFSM4HYWEQS2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGODX5IEXQ#issuecomment-502956638, or mute the thread https://github.com/notifications/unsubscribe-auth/AAJH4AHCN2RZBLNGHZD6HETP3BZJJANCNFSM4HYWEQSQ .

chmorgan avatar Jun 18 '19 15:06 chmorgan