Apache SSL Reverse Proxy Very Slow Solution -

Apache SSL Reverse Proxy Very Slow Solution

This is a simple fix but not a simple problem and it still doesn't make sense to me.

But in a nutshell if your target proxy server works fast when accessing directly over SSL then this may be your issue.

It seems SSL does not play nicely when the target proxy destination/host has a riduculously long key (such as 8192 bits long).  Now this is normally not a problem, in fact the target server could be accessed with hardly any delay directly despite such a long key.

However when throwing a Proxy and Reverse Proxy with SSL in front of it, made requests take 20-30 seconds (not milliseconds but actual seconds).

I found many proposed solutions or people saying it should be that slow, but that's just not the case, yes SSL is slower but it shouldn't be this slow.  Disabling or enabling all SSL protocols also made no difference.

Solution

 

The problem was instantly solved by replacing the target server's SSL key with a 2048 bit one ( a smaller one). I think this is a big where the SSLProxyPass just can't handle the request properly when the target SSL server has a large public key.

Additional Performance Improvements


Use the "CacheEnable disk /" directive in httpd.conf


  • ENOM how to do a 301 redirect to another domain/site
  • ENOM TRANSFER passwords do not match - solution
  • Linux how to check http headers using bash/curl for SEO
  • mdadm: CREATE group disk not found Incrementally started RAID arrays. Incrementally starting RAID arrays...
  • Linux SAMBA does not work with symlinks
  • How to Execute PHP in .html files with Apache in Linux Centos/Debian/Ubuntu etc
  • mdadm how to recover from failed drive
  • yum Packages skipped because of dependency problems:
  • Using a proxy with yum in Centos 6
  • How Do you Open/Extract .WARC Internet Archive Files on Linux Ubuntu/Mint/Centos?
  • How To Disable htaccess inheritance or exclude a directory
  • root/home directory has ownership changed to the wrong user/owner mysteriously
  • mdadm and lvm how to completely disable and remove vg/pv/lv
  • sshd[10470]: Authentication refused: bad ownership or modes for directory /root
  • LG Phoenix 2 Escape Disable AT&T Phonebook/Contacts Error Message
  • mdadm frozen and doesn't realize array is dead/missing failed due to unplugged drives
  • Unable to mount location Failed to retrieve share list from server: No such file or directory solution
  • mdadm how to make inactive array active
  • ImageMagick how to trim white space automatically in Linux
  • curl: (1) Protocol "https not supported or disabled in libcurl"