Apache SSL Reverse Proxy Very Slow Solution

This is a simple fix but not a simple problem and it still doesn't make sense to me.

But in a nutshell if your target proxy server works fast when accessing directly over SSL then this may be your issue.

It seems SSL does not play nicely when the target proxy destination/host has a riduculously long key (such as 8192 bits long).  Now this is normally not a problem, in fact the target server could be accessed with hardly any delay directly despite such a long key.

However when throwing a Proxy and Reverse Proxy with SSL in front of it, made requests take 20-30 seconds (not milliseconds but actual seconds).

I found many proposed solutions or people saying it should be that slow, but that's just not the case, yes SSL is slower but it shouldn't be this slow.  Disabling or enabling all SSL protocols also made no difference.

Solution

 

The problem was instantly solved by replacing the target server's SSL key with a 2048 bit one ( a smaller one). I think this is a big where the SSLProxyPass just can't handle the request properly when the target SSL server has a large public key.

Additional Performance Improvements


Use the "CacheEnable disk /" directive in httpd.conf


Tags:

apache, ssl, proxy, solutionthis, doesn, nutshell, server, accessing, destination, riduculously, bits, accessed, requests, milliseconds, solutions, slower, shouldn, disabling, enabling, protocols, instantly, replacing, sslproxypass, additional, improvements, quot, cacheenable, disk, directive, httpd, conf,

Latest Articles

  • Cisco Router Setup Guide and Tutorial Howto With Commands and Examples
  • Linux Bash Script To List All Connected IPs and their network name
  • Cisco Switches How To Get Of Port Line Status Console Messages
  • Cisco DHCP Snooping Relay Setup Information
  • Cisco Switch Setup Guide Command List
  • Cisco 2960 Switch Reset To Factory Defaults
  • How To Boot Cisco CUCM UCSInstall 8.6, 10, 11 and 12 on KVM/Proxmox
  • VBOX VirtualBox How To Import Raw .img Disk File
  • Windows Server 2012, 2016, 2019 How To Install and Missing Disabled Telnet Client
  • proxmox vm networking breaks when you restart your network on the hostnode
  • Linux ln symlink how to update existing symbolic link
  • Ubuntu 18.04 / Linux Mint 19.1 Cannot Type or Login - solution
  • LUKS Hard Drive Encryption on Linux Mint Ubuntu Debian etc how to mount encrypted hard drive
  • How to use nmap locate other machines/computers/servers on your network using nmap
  • Linux Mint 18.2 Create Config File To Start Application Upon Login
  • Dell Wyse Thin Client BIOS Access Key
  • sudoers file in /etc warning about comments/includes!
  • Centos 7 Reallocate logical volume space to another
  • lvm how to reduce volume size
  • letsencrypt certbot error "Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80."