04-05-2012 08:43 PM
I have to create a Web Service script wherein i should hit a request,
which inturn will create a SSL session for a single user. Now, for all
the iterations of the same user, the same SSL session has to be
reused. But when the next user or vuser hits, the user has to establish a new
SSL session and again, the same SSL session has to be re-used for all
its iterations.This was raised by the application team, as the SSL
handshake was doing an overhead on the performance of the service. So
can any one please help me to find out a way to accomplish the same. I
tried creating the script with web http/html and web service protocol
with "Print SSL information" enabled in Run-Time settings and got the
SSL info in the logs. But since this is the connection part, i was not
able to capture it or use it for anything.I am stuck and not able to
find any way.
Any help would be really appreciated.
Thanks & Regards,
04-06-2012 07:51 AM
This is a very interesting topic you brought up, SSL handshake takes up most of the time when we look into the web-page-breakdown graph during analysis. I had similar performance problems but was never instructed by the application team to continue processing requests with one open Secure Sockets Layer connection.
According to me it will not server the purpose of using a SSL or TSL cryptographic protocol. As you know handshake allows the server to authenticate itself to the client by using public-key techniques, and then allows the client and the server to cooperate in the creation of symmetric keys used for rapid encryption, decryption, and tamper detection during the session that follows.
In you case they want you to repeat the sessions after the handshake is made, which is very tricky, I have not done this before, you can give it a try,
Option 1) Tell the application team/Dev team to give you a WSLD/ Soap,XML which takes in a huge input argument which is equal to 100 or more requests and satisfies the load expectation, that way with one SSL connection you will be pushing 100 requests and once done you will close the connection.
Option 2) convert the script into web(HTTP/HTML) protocol, and design your script that it will loop around the body part of the script after the connection is made. This will be very tricky to loop only for the body part within the request.
Option 3) Get you working script right, I mean get your socket options correct eg: web_set_socket_options("SSL+VERSIOM","TLS"); Disable log, Tell the server admin to enable server side caching and re-run your test.
Srikant, its a know fact for any secure application. The SSL handshake eats up most of the time, the latest version TLS 1.2 is better compared to SSL 1.0 ,2.0
04-30-2012 11:28 AM
Put the below in the Vuser_int part
web_set_user("XYZ","Password","Server.name.com"); //the username password and url
web_set_socket_options("SSL+VERSION","TLS"); //depending on your application
web_set_sockets_options("INITIAL_BASIC_AUTH","1"); // depending on the type of authorization.
Then in Action have the remaining part of the script.
Now try to replay this for a few iterations and you will find that the SSL handshake time would have reduced.