
 

@Mendez628

Encrypting all the data adds a little computational overhead, but on a decent server this is no issue.

What's really annoying about TLS is that the initial connection takes a long time. You may think that sending a request is as simple as sending a single packet to the server and waiting for the response, but it isn't:


1. First the client needs to establish a TCP connection to the server (this applies to normal HTTP too), then the client gets a response from the server indicating that the connection was accepted. 1 round trip (sending one packet to the server and waiting for a reply).
2. Then the client needs to communicate with the server to establish a secure TLS connection. This involves sending a lot more small packets back and forth. The TLS handshake is longer than the TCP handshake: 2 round trips and some number crunching.
3. Using the TLS connection, the client sends the request to the server and receives a reply. 1 round trip + generating the HTTP response, which might take a while.




Establishing the initial connection for HTTPS has twice as many round trips as for plain HTTP and a lot more processing on the server.


- Heavy load on the server makes the increased computations slower.
- Clients located far away from the server will suffer from the ping time: each round trip takes one ping time. Plain HTTP takes only 2 pings while HTTPS takes 4 pings.




And just to make matters worse, if a visitor enters your domain name or address without in front of it in their browser, they will first have to make a normal HTTP connection and then get redirected and have to establish an HTTPS connection.


1. Establish TCP connection to port 80
2. Send HTTP request and receive a 301 redirect to the version.
3. Establish TCP connection to port 443
4. TLS handshake
5. TLS handshake
6. Send the HTTP request again and wait for the reply.


That takes 6 pings, some number crunching, and an unnecessary tiny little request.

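The phases listed in the answer above (TCP connect, TLS handshake, HTTP request) can be timed separately against your own server. This is an added example, not part of the original post; the function names `time_phases` and `estimated_round_trips` and the placeholder host `example.com` are assumptions. The measured handshake cost depends on the TLS version the server negotiates.

```python
import socket
import ssl
import sys
import time


def time_phases(host, port=443, use_tls=True, path="/", timeout=5.0):
    """Time each phase of one cold HTTP(S) request; returns seconds per phase."""
    phases = {"tls_handshake": 0.0, "tls_version": None}
    t0 = time.perf_counter()
    # Phase 1: TCP three-way handshake, about one round trip.
    sock = socket.create_connection((host, port), timeout=timeout)
    t1 = t2 = time.perf_counter()
    phases["tcp_connect"] = t1 - t0
    try:
        if use_tls:
            # Phase 2: wrap_socket() completes the whole TLS handshake before returning.
            ctx = ssl.create_default_context()
            sock = ctx.wrap_socket(sock, server_hostname=host)
            t2 = time.perf_counter()
            phases["tls_handshake"] = t2 - t1
            phases["tls_version"] = sock.version()
        # Phase 3: send the request and wait for the first response bytes.
        request = f"HEAD {path} HTTP/1.1\r\nHost: {host}\r\nConnection: close\r\n\r\n"
        sock.sendall(request.encode("ascii"))
        first = sock.recv(4096)
        phases["http_request"] = time.perf_counter() - t2
        phases["status_line"] = first.split(b"\r\n", 1)[0].decode("latin-1")
    finally:
        sock.close()
    phases["total"] = sum(phases[k] for k in ("tcp_connect", "tls_handshake", "http_request"))
    return phases


def estimated_round_trips(phases):
    """Express the total as multiples of the TCP connect time (~1 round trip)."""
    rtt = phases["tcp_connect"]
    return round(phases["total"] / rtt, 1) if rtt > 0 else None


if __name__ == "__main__":
    # Assumption: pass a host you operate; example.com is only a placeholder.
    host = sys.argv[1] if len(sys.argv) > 1 else "example.com"
    for use_tls, port in ((False, 80), (True, 443)):
        p = time_phases(host, port, use_tls)
        print(f"port {port}: tcp={p['tcp_connect']:.3f}s tls={p['tls_handshake']:.3f}s "
              f"http={p['http_request']:.3f}s ~{estimated_round_trips(p)} round trips "
              f"({p['tls_version'] or 'no TLS'}, {p['status_line']})")
```

Run it from a client far from the server to see the round-trip cost dominate; on a nearby client the server's response generation time in the last phase tends to dominate instead.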


 

@Caterina187

This is a question that might be too broad for this platform. It's true that encryption carries a computational overhead, but with the right configuration, it can be negligible.

This video from the middle of 2014 explains quite a bit about common problems and myths about the implementation of TLS, and why it can be slow, and why it shouldn't.

My suggestion is: Set yourself up with a nice top command on the shell and request pages from your server. Watch the performance, and what programs use it. You could also install tools like Firebug (for Mozilla Firefox) and look at the requests performed by a client connecting to your server.

It might also be a problem of shared hosting, if that is your case. In that case, the problem might be out of your reach.


