Comment 29 for bug 1068854

Revision history for this message
In , Björn Jacke (bjoern-j3e) wrote :

downloading large ammount of data via ssl this is not too cpu consuming on recent CPUs but with browsers that support ssl compression you can see very CPU intensive apache processes due to ssl compression being done. instread of 2% cpu time (encryption only) 50% cpu time (compression+encrytion) will be taken by one apache process in a test.

There is no way to disable ssl compression in mod_ssl even though openssl has "SSL_OP_NO_COMPRESSION" which can be enabled via SSL_CTX_set_options since 1.0.0. For scalability reasons it would be required that ssl compression can be turned off in mod_ssl. I would even suggest to turn it off by default because mod_deflate is doing a much better job and can be better tuned by file types etc.