[erlang-questions] mochiweb https/ssl

[Ingela Andin]

Hi!

2011/5/6 sasa <sasa555@REDACTED>:
> Hello,
> thank you for the reply. It helped me move in the right direction, but
> I still can't figure out the underlying problem.
>
> I have configured stunnel on the test server. The stunnel acted as a
> https proxy to the http erlang server on the same machine.
>
> The behavior was somewhat better - the load test of about 2000
> requests would work correctly for about 30 seconds, then all
> subsequent requests would fail. When using erlang ssl, such load test
> would fail immediately.

Where you using the old or the new erlang ssl implementation? Old ssl
scales poorly.

> I have then moved stunnel proxy to a separate server, and then it
> worked perfectly.
>
> Currently, I am suspecting that cpu load might be the problem. When I
> had stunnel on the same machine as erlang server, cpu load was going
> high. The same thing happened when I used erlang ssl. When stunnel is
> on a separate machine, the cpu load on both machines is fairly low.
>
> I cannot explain why it works better with stunnel. Do I have to
> manually configure ssl sessions when using erlang? As I mentioned
> earlier, the client does long polling i.e. it sends an request, and as
> soon as the request is responded, the new one is made. Is it possible
> that ssl handhsake occurs for every request?

If you use new ssl and not make any special configuration it will
always automatically
try to reuse sessions. (The server can refuse to reuse a session if it wants to)
How the old implementation works I can  not remember from the
top of my head but if you are using the old one I recomend upgrading
to the new one.
The new one is default in R14* and before that the old one is default.
I recomend R14.

Regards Ingela Erlang/OTP team - Ericsson AB