[sr-dev] kamailio init slows down with multiple TLS domains of big certficates
Jijo
realjijo at gmail.com
Thu May 3 02:14:01 CEST 2012
Hi All,
I have 5 domains with big TLS certficates like each domain has more than 8K
bytes of certificates. I have observed that the kamailio taking quite
amount of time to initialize.
I looked at the code and found that the SSL_CONTEXT is initialized for each
process. Why can't we use the same SSL_CONTEXT for all process. This will
speed up the init time.
I changed using single SSL context for all process and initialization was
very fast.
According to my understanding on a new TLS connection SSL structure for a
connection shall copy all the data from SSL_CTXT. So there is no sharing of
resource here, as SSL_CTXT is readable for all process. So why we have to
create SSL_CTXT for each process.
Please let me know if any particular reason to do it.
Thanks
Jijo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-dev/attachments/20120502/ea9b4f04/attachment.htm>
More information about the sr-dev
mailing list