: When does SSL handshake happen in real world I am about to setup an SSL certificate for my site. The system asked me if I want a 2048 or 4096 bit key. I've read enough about the key strength
I am about to setup an SSL certificate for my site. The system asked me if I want a 2048 or 4096 bit key. I've read enough about the key strength and increased latency/handshake time as well as server and client CPU load. What I am missing is this: When a user opens a page of my site, the SSL handshake happens, and it takes additional time. When is the next handshake needed?
Does any of the following require a new handshake?
Download each new image to display the page once the original HTML was downloaded.
Perform each AJAX query when a user clicks something in the page.
Request a new image from the server based on the path provided in the AJAX response.
Open a different page by clicking a link in the loaded page.
If none of the above, please give the example of when a new handshake is needed.
More posts by @Cugini213
1 Comments
Sorted by latest first Latest Oldest Best
If your webserver is configured with Persistent Connections enabled (also known as keep-alive), then:
The document HTML and all assets required by it (javascripts, CSS files, images etc) will be downloaded using the same HTTPS connection, with files requested and returned one after the other. If there are many assets to download from the same domain, or some of the assets are quite large in file size then depending on the browser configuration it may open additional HTTPS connections in order to download the content of different files at the same time using the extra connections. Once all requests have been responded to the connection will become idle and the browser will then disconnect it.
New content requested via AJAX after the original content had finished loading would require an additional connection but typically (depends on the browser implementation) this connection would be kept open for fetching assets required from the same domain until all requests have been responded to and then browser considered idle once more, at which time the browser will disconnect again.
Opening a different page will require a new connection unless the the link for it is clicked while an existing connection is still open, such as straight after page load or immediately following an AJAX request.
If persistent connections is not enabled on your webserver configuration then each request/response pair will use a separate connection. This can make most HTTP websites slower, but for HTTPS will be even more noticeable because of all the extra SSL/TLS handshaking required.
For a quick way to tell if your website has Persistent Connections enabled, test your website at webpagetest.org and then check the Keep Alive column in the table under the Performance Review tab.
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.