SSL handshaking very slow

Calomel Org infallibilismindefeasibility at
Fri Nov 26 18:37:24 MSK 2010


It sounds like your system is running out of entropy. Every time a new
SSL connection is made the system needs to have a certain amount of
"randomness" to make new ssl key negotiations. 20K new connections
seems like a entropy resource starvation. If you are running Linux
check out "rngd" and take a look at our page at the following link. 

Entropy and Random Number Generators

   Calomel @
   Open Source Research and Reference

On Thu, Nov 25, 2010 at 06:41:08AM -0500, arashf wrote:
>hi there,
>I'm running the latest stable version of nginx and running into a
>strange issue. after a few hour of operation, SSL handshaking stars to
>become very, very slow. in some cases, establishing an SSL connection
>will take over 30 seconds and the browser consequently timeouts. that
>said, when an SSL connection is established, everything is blazing fast.
>similarly, accessing the site over HTTP is fast. 
>restarting nginx doesn't seem to fix the machine once it gets into this
>state. the only fix is to restart the whole machine. I generally have
>something like 20k SSL sessions active on this machine. changing the SSL
>session timeouts, etc. has no effect once the machine gets into this
>state. are there any obvious parameters (either nginx specific or
>system) that I should be looking at? thanks greatly in advance.
>Posted at Nginx Forum:,153231,153231#msg-153231
>nginx mailing list
>nginx at

More information about the nginx mailing list