HTTP与HTTPS性能 [英] HTTP vs HTTPS performance
问题描述
http和https之间的性能有何重大差异?我似乎记得读到HTTPS的速度可以达到HTTP的五分之一。这对当前的网络服务器/浏览器有效吗?如果有的话,有没有支持它的白皮书?
Are there any major differences in performance between http and https? I seem to recall reading that HTTPS can be a fifth as fast as HTTP. Is this valid with the current generation webservers/browsers? If so, are there any whitepapers to support it?
推荐答案
这里有一个非常简单的答案: 分析Web服务器的性能,以了解特定情况下的性能损失。 有几种工具可用于比较HTTP与HTTPS服务器的性能(JMeter和Visual Studio来它们非常容易使用。
There's a very simple answer to this: Profile the performance of your web server to see what the performance penalty is for your particular situation. There are several tools out there to compare the performance of an HTTP vs HTTPS server (JMeter and Visual Studio come to mind) and they are quite easy to use.
没有关于网站性质的一些信息,没有人能给你一个有意义的答案,硬件,软件和网络配置。
No one can give you a meaningful answer without some information about the nature of your web site, hardware, software, and network configuration.
正如其他人所说,由于加密会产生一定程度的开销,但它高度依赖于:
As others have said, there will be some level of overhead due to encryption, but it is highly dependent on:
- 硬件
- 服务器软件
- 动态与静态内容的比率
- 客户与服务器的距离
- 典型会话长度
- 等(我个人最喜欢的)
- 缓存客户行为
- Hardware
- Server software
- Ratio of dynamic vs static content
- Client distance to server
- Typical session length
- Etc (my personal favorite)
- Caching behavior of clients
根据我的经验,对动态内容很重的服务器往往受HTTPS的影响较小,因为加密所花费的时间(与内容生成时间相比,SSL开销是微不足道的。
In my experience, servers that are heavy on dynamic content tend to be impacted less by HTTPS because the time spent encrypting (SSL-overhead) is insignificant compared to content generation time.
服务于可以轻松缓存在内存中的相当少的静态页面的服务器受到影响更高的开销(在一种情况下,吞吐量在内部网上肆虐)。
Servers that are heavy on serving a fairly small set of static pages that can easily be cached in memory suffer from a much higher overhead (in one case, throughput was havled on an "intranet").
编辑:其他几个人提出的一点是SSL握手是HTTPS的主要成本。这是正确的,这就是典型的会话长度和客户端的缓存行为很重要的原因。
One point that has been brought up by several others is that SSL handshaking is the major cost of HTTPS. That is correct, which is why "typical session length" and "caching behavior of clients" are important.
许多非常短的会话意味着握手时间将压倒任何其他性能因素。较长的会话意味着会话开始时会产生握手成本,但后续请求的开销相对较低。
Many, very short sessions means that handshaking time will overwhelm any other performance factors. Longer sessions will mean the handshaking cost will be incurred at the start of the session, but subsequent requests will have relatively low overhead.
客户端缓存可以分几个步骤完成,从大型代理服务器到单个浏览器缓存的任何地方。通常,HTTPS内容不会缓存在共享缓存中(尽管一些代理服务器可以利用中间人类型行为来实现此目的)。许多浏览器会为当前会话缓存HTTPS内容,并且通常会跨会话缓存。非缓存或较少缓存的影响意味着客户端将更频繁地检索相同的内容。这导致为相同数量的用户提供更多请求和带宽。
Client caching can be done at several steps, anywhere from a large-scale proxy server down to the individual browser cache. Generally HTTPS content will not be cached in a shared cache (though a few proxy servers can exploit a man-in-the-middle type behavior to achieve this). Many browsers cache HTTPS content for the current session and often times across sessions. The impact the not-caching or less caching means clients will retrieve the same content more frequently. This results in more requests and bandwidth to service the same number of users.
这篇关于HTTP与HTTPS性能的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
