You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Timo Coutura <ti...@cologne-intelligence.de> on 2017/11/15 10:26:20 UTC
[users@httpd] Logging SSL Handshake Duration
Hi Everyone,
I am looking for a way to determine the time spent on a SSL Handshake in an access log. So far i’ve discovered only env-vars and log formats (like %D) returning the overall time spent on a request. The background here is that i sometimes get requests which take up to 10 seconds, all of them being initial requests, so the handshake has to be done. The actual request to the application gets independently logged and does take some milliseconds.
I have enabled ssl logging on debug level but cannot specifically reproduce these kind of requests and parsing this debug log for time spent for the handshake is not an option on the very busy production server.
Are there any env-vars that provide more specific information on time spent in the different phases of a request?
Thank you very much in advance!
Best regards,
Timo
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
WG: [users@httpd] Logging SSL Handshake Duration
Posted by Timo Coutura <ti...@cologne-intelligence.de>.
Sry, didnt answer to list..
Hi Osama,
thanks for your answer. I will look into your suggestion to handle my connection problems.
My first and main goal however is to be able to log the request more fine-grained to be able to identify the parts of the request that produce the problem, to further exclude other factors i have no control over and to be able to distinguish between application lags and other sources like in this case the connection startup. Also I want to be able to determine afterwards, whether such a fix as yours did the trick. I am using an ELK environment to analyse my data and i basically want an indexed field for the elapsed time after a handshake is finished as opposed to a overall responsetime from which I cannot determine, which part took way too long.
Thanks again and have a nice day Everyone!
Timo
________________________________
Von: Osama Elnaggar [oelnaggar04@gmail.com]
Gesendet: Mittwoch, 15. November 2017 19:41
An: Timo Coutura; users@httpd.apache.org
Betreff: Re: [users@httpd] Logging SSL Handshake Duration
Hi Timo,
From what you described, your problem may be related to OCSP. Have you tried OCSP stapling?
--
Osama Elnaggar
On November 15, 2017 at 9:26:29 PM, Timo Coutura (timo.coutura@cologne-intelligence.de<ma...@cologne-intelligence.de>) wrote:
Hi Everyone,
I am looking for a way to determine the time spent on a SSL Handshake in an access log. So far i’ve discovered only env-vars and log formats (like %D) returning the overall time spent on a request. The background here is that i sometimes get requests which take up to 10 seconds, all of them being initial requests, so the handshake has to be done. The actual request to the application gets independently logged and does take some milliseconds.
I have enabled ssl logging on debug level but cannot specifically reproduce these kind of requests and parsing this debug log for time spent for the handshake is not an option on the very busy production server.
Are there any env-vars that provide more specific information on time spent in the different phases of a request?
Thank you very much in advance!
Best regards,
Timo
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org<ma...@httpd.apache.org>
For additional commands, e-mail: users-help@httpd.apache.org<ma...@httpd.apache.org>
Re: [users@httpd] Logging SSL Handshake Duration
Posted by Osama Elnaggar <oe...@gmail.com>.
Hi Timo,
From what you described, your problem may be related to OCSP. Have you
tried OCSP stapling?
--
Osama Elnaggar
On November 15, 2017 at 9:26:29 PM, Timo Coutura (
timo.coutura@cologne-intelligence.de) wrote:
Hi Everyone,
I am looking for a way to determine the time spent on a SSL Handshake in an
access log. So far i’ve discovered only env-vars and log formats (like %D)
returning the overall time spent on a request. The background here is that
i sometimes get requests which take up to 10 seconds, all of them being
initial requests, so the handshake has to be done. The actual request to
the application gets independently logged and does take some milliseconds.
I have enabled ssl logging on debug level but cannot specifically reproduce
these kind of requests and parsing this debug log for time spent for the
handshake is not an option on the very busy production server.
Are there any env-vars that provide more specific information on time spent
in the different phases of a request?
Thank you very much in advance!
Best regards,
Timo
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org