PHP Curl when accessing SSL slows down connection. How to correct?
After migrating to a new server, our scripts slowed down dramatically.
Some troubleshooting showed that the slowdown occurred during Curl connections as the server was trying to load the SSL cert. Results were the same regardless of which 3rd party site or API was being accessed.
This is on an Amazon EC2 Linux instance. The certificates were provided with the server. These same scripts worked fine on another server (which is no longer active)
However, now it would pause for 2-100 seconds before showing this in the verbose output:
CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
ALPN/NPN, server did not agree to a protocol
The speeds would get progressively slower as more curl requests were sent.
I then added curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); and the problem went away! Speeds back to normal.
So, it seems something about how it reads the SSL cert is slowing it down as it tries to negotiate a protocol.
What would cause this?
Thank you
linux php curl openssl aws
New contributor
add a comment |
After migrating to a new server, our scripts slowed down dramatically.
Some troubleshooting showed that the slowdown occurred during Curl connections as the server was trying to load the SSL cert. Results were the same regardless of which 3rd party site or API was being accessed.
This is on an Amazon EC2 Linux instance. The certificates were provided with the server. These same scripts worked fine on another server (which is no longer active)
However, now it would pause for 2-100 seconds before showing this in the verbose output:
CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
ALPN/NPN, server did not agree to a protocol
The speeds would get progressively slower as more curl requests were sent.
I then added curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); and the problem went away! Speeds back to normal.
So, it seems something about how it reads the SSL cert is slowing it down as it tries to negotiate a protocol.
What would cause this?
Thank you
linux php curl openssl aws
New contributor
add a comment |
After migrating to a new server, our scripts slowed down dramatically.
Some troubleshooting showed that the slowdown occurred during Curl connections as the server was trying to load the SSL cert. Results were the same regardless of which 3rd party site or API was being accessed.
This is on an Amazon EC2 Linux instance. The certificates were provided with the server. These same scripts worked fine on another server (which is no longer active)
However, now it would pause for 2-100 seconds before showing this in the verbose output:
CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
ALPN/NPN, server did not agree to a protocol
The speeds would get progressively slower as more curl requests were sent.
I then added curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); and the problem went away! Speeds back to normal.
So, it seems something about how it reads the SSL cert is slowing it down as it tries to negotiate a protocol.
What would cause this?
Thank you
linux php curl openssl aws
New contributor
After migrating to a new server, our scripts slowed down dramatically.
Some troubleshooting showed that the slowdown occurred during Curl connections as the server was trying to load the SSL cert. Results were the same regardless of which 3rd party site or API was being accessed.
This is on an Amazon EC2 Linux instance. The certificates were provided with the server. These same scripts worked fine on another server (which is no longer active)
However, now it would pause for 2-100 seconds before showing this in the verbose output:
CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
ALPN/NPN, server did not agree to a protocol
The speeds would get progressively slower as more curl requests were sent.
I then added curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); and the problem went away! Speeds back to normal.
So, it seems something about how it reads the SSL cert is slowing it down as it tries to negotiate a protocol.
What would cause this?
Thank you
linux php curl openssl aws
linux php curl openssl aws
New contributor
New contributor
New contributor
asked 25 mins ago
user2029890user2029890
101
101
New contributor
New contributor
add a comment |
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
user2029890 is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f493130%2fphp-curl-when-accessing-ssl-slows-down-connection-how-to-correct%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
user2029890 is a new contributor. Be nice, and check out our Code of Conduct.
user2029890 is a new contributor. Be nice, and check out our Code of Conduct.
user2029890 is a new contributor. Be nice, and check out our Code of Conduct.
user2029890 is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f493130%2fphp-curl-when-accessing-ssl-slows-down-connection-how-to-correct%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown