PHP Curl when accessing SSL slows down connection. How to correct?












0














After migrating to a new server, our scripts slowed down dramatically.



Some troubleshooting showed that the slowdown occurred during Curl connections as the server was trying to load the SSL cert. Results were the same regardless of which 3rd party site or API was being accessed.



This is on an Amazon EC2 Linux instance. The certificates were provided with the server. These same scripts worked fine on another server (which is no longer active)



However, now it would pause for 2-100 seconds before showing this in the verbose output:



 CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
ALPN/NPN, server did not agree to a protocol


The speeds would get progressively slower as more curl requests were sent.



I then added curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); and the problem went away! Speeds back to normal.



So, it seems something about how it reads the SSL cert is slowing it down as it tries to negotiate a protocol.



What would cause this?



Thank you










share|improve this question







New contributor




user2029890 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

























    0














    After migrating to a new server, our scripts slowed down dramatically.



    Some troubleshooting showed that the slowdown occurred during Curl connections as the server was trying to load the SSL cert. Results were the same regardless of which 3rd party site or API was being accessed.



    This is on an Amazon EC2 Linux instance. The certificates were provided with the server. These same scripts worked fine on another server (which is no longer active)



    However, now it would pause for 2-100 seconds before showing this in the verbose output:



     CAfile: /etc/pki/tls/certs/ca-bundle.crt
    CApath: none
    ALPN/NPN, server did not agree to a protocol


    The speeds would get progressively slower as more curl requests were sent.



    I then added curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); and the problem went away! Speeds back to normal.



    So, it seems something about how it reads the SSL cert is slowing it down as it tries to negotiate a protocol.



    What would cause this?



    Thank you










    share|improve this question







    New contributor




    user2029890 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.























      0












      0








      0







      After migrating to a new server, our scripts slowed down dramatically.



      Some troubleshooting showed that the slowdown occurred during Curl connections as the server was trying to load the SSL cert. Results were the same regardless of which 3rd party site or API was being accessed.



      This is on an Amazon EC2 Linux instance. The certificates were provided with the server. These same scripts worked fine on another server (which is no longer active)



      However, now it would pause for 2-100 seconds before showing this in the verbose output:



       CAfile: /etc/pki/tls/certs/ca-bundle.crt
      CApath: none
      ALPN/NPN, server did not agree to a protocol


      The speeds would get progressively slower as more curl requests were sent.



      I then added curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); and the problem went away! Speeds back to normal.



      So, it seems something about how it reads the SSL cert is slowing it down as it tries to negotiate a protocol.



      What would cause this?



      Thank you










      share|improve this question







      New contributor




      user2029890 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.











      After migrating to a new server, our scripts slowed down dramatically.



      Some troubleshooting showed that the slowdown occurred during Curl connections as the server was trying to load the SSL cert. Results were the same regardless of which 3rd party site or API was being accessed.



      This is on an Amazon EC2 Linux instance. The certificates were provided with the server. These same scripts worked fine on another server (which is no longer active)



      However, now it would pause for 2-100 seconds before showing this in the verbose output:



       CAfile: /etc/pki/tls/certs/ca-bundle.crt
      CApath: none
      ALPN/NPN, server did not agree to a protocol


      The speeds would get progressively slower as more curl requests were sent.



      I then added curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); and the problem went away! Speeds back to normal.



      So, it seems something about how it reads the SSL cert is slowing it down as it tries to negotiate a protocol.



      What would cause this?



      Thank you







      linux php curl openssl aws






      share|improve this question







      New contributor




      user2029890 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.











      share|improve this question







      New contributor




      user2029890 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.









      share|improve this question




      share|improve this question






      New contributor




      user2029890 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.









      asked 25 mins ago









      user2029890user2029890

      101




      101




      New contributor




      user2029890 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.





      New contributor





      user2029890 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.






      user2029890 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.






















          0






          active

          oldest

          votes











          Your Answer








          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "106"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: false,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: null,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });






          user2029890 is a new contributor. Be nice, and check out our Code of Conduct.










          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f493130%2fphp-curl-when-accessing-ssl-slows-down-connection-how-to-correct%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          0






          active

          oldest

          votes








          0






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes








          user2029890 is a new contributor. Be nice, and check out our Code of Conduct.










          draft saved

          draft discarded


















          user2029890 is a new contributor. Be nice, and check out our Code of Conduct.













          user2029890 is a new contributor. Be nice, and check out our Code of Conduct.












          user2029890 is a new contributor. Be nice, and check out our Code of Conduct.
















          Thanks for contributing an answer to Unix & Linux Stack Exchange!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.





          Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


          Please pay close attention to the following guidance:


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f493130%2fphp-curl-when-accessing-ssl-slows-down-connection-how-to-correct%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          Popular posts from this blog

          Accessing regular linux commands in Huawei's Dopra Linux

          Can't connect RFCOMM socket: Host is down

          Kernel panic - not syncing: Fatal Exception in Interrupt