Slow SSL session initialization due to parallel load of files
Posted: Tue Jan 09, 2024 1:25 pm
Hello ESP32 forum,
I am looking for some idea how to speed up the initial loading an https website provided by an ESP32. The speed of the processor was maxed out and the SSL performance optimized (e.g. by choosing the best performing encryption). I am able to complete the SSL initialization/handshake in only 1.3-1.4 seconds.
The initial load of the website however last longer than 10s. The network analyzer from the Firefox developer tools gave me a good idea what might be the reason:
After loading the initial index.html there are 5 more files which are loaded in parallel. Each of these javascript and stylesheet file seam to do a full SSL initialization again and because there is no parallelization in SSL it extends the website loading by 5*1.3s=6.5s!
I would expect that after the first SSL handshake is completed all further files can be loaded without initialization handshake (like the speed of the png-files at the end). But somehow the efficient parallel load makes it actually less efficient. Any idea how I can configure this in the webserver configuration or via HTTP directive?
My HTTPS configuration in esp-idf is the following:
I am looking for some idea how to speed up the initial loading an https website provided by an ESP32. The speed of the processor was maxed out and the SSL performance optimized (e.g. by choosing the best performing encryption). I am able to complete the SSL initialization/handshake in only 1.3-1.4 seconds.
The initial load of the website however last longer than 10s. The network analyzer from the Firefox developer tools gave me a good idea what might be the reason:
After loading the initial index.html there are 5 more files which are loaded in parallel. Each of these javascript and stylesheet file seam to do a full SSL initialization again and because there is no parallelization in SSL it extends the website loading by 5*1.3s=6.5s!
I would expect that after the first SSL handshake is completed all further files can be loaded without initialization handshake (like the speed of the png-files at the end). But somehow the efficient parallel load makes it actually less efficient. Any idea how I can configure this in the webserver configuration or via HTTP directive?
My HTTPS configuration in esp-idf is the following:
Code: Select all
httpd_ssl_config_t conf = HTTPD_SSL_CONFIG_DEFAULT();
conf.httpd.max_open_sockets = MAX_SOCKET_CLIENTS;
conf.httpd.backlog_conn = MAX_SOCKET_CLIENTS * 5;
conf.httpd.max_uri_handlers = 17;
conf.httpd.uri_match_fn = httpd_uri_match_wildcard;
conf.httpd.core_id = 1;