Обсуждение: SSL question

Поиск
Список
Период
Сортировка

SSL question

От
Yogi Barot
Дата:

Hi,

 

I have few questions for postgresql queries using JDBC.

 

·        Do you have any idea why adding SSL will slow the response time?

·        What is general overhead for SSL enabling in potgresql using JDBC?

·        We have SSL enabled with - Version of openssl we have is 0.9.8 and rhel 5, postgresql version is 9.0.19.

We are seeing 3-7% overhead with SSL on. Need to understand technical reason for it. we use JDBC.  What I found that JDBC does not do compression.

 

Really looking to find details of how postgresql works with ssl with jdbc connection.

 

Appreciate your help.

 

Thanks,

Yogi

 

 

CONFIDENTIALITY WARNING
This communication, including any attachments, is for the exclusive use of addressee and may contain proprietary and/or confidential information. If you are not the intended recipient, any use, copying, disclosure, dissemination or distribution is strictly prohibited. If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this communication and destroy all copies.

AVERTISSEMENT RELATIF À LA CONFIDENTIALITÉ
Ce message, ainsi que les pièces qui y sont jointes, est destiné à l’usage exclusif de la personne à laquelle il s’adresse et peut contenir de l’information personnelle ou confidentielle. Si le lecteur de ce message n’en est pas le destinataire, nous l’avisons par la présente que toute diffusion, distribution, reproduction ou utilisation de son contenu est strictement interdite. Veuillez avertir sur-le-champ l’expéditeur par retour de courrier électronique et supprimez ce message ainsi que toutes les pièces jointes.

Re: SSL question

От
"David G. Johnston"
Дата:
On Fri, Aug 28, 2015 at 9:28 AM, Yogi Barot <YBarot@symcor.com> wrote:

·        Do you have any idea why adding SSL will slow the response time?

We are seeing 3-7% overhead with SSL on. Need to understand technical reason for it. we use JDBC.  What I found that JDBC does not do compression.


​Encryption and decryption takes time...

​David J.

Re: SSL question

От
Yogi Barot
Дата:

Thanks for your quick reply, but 3-7% overhead is this reasonable or we have some issue with application? Need to give better technical reason to management for not enabling SSL.  Our application uses connection pooling so on daily basis only few connections to database.  

 

Thanks,

Yogi

 

From: David G. Johnston [mailto:david.g.johnston@gmail.com]
Sent: Friday, August 28, 2015 9:47 AM
To: Yogi Barot
Cc: pgsql-jdbc@postgresql.org
Subject: Re: [JDBC] SSL question

 

On Fri, Aug 28, 2015 at 9:28 AM, Yogi Barot <YBarot@symcor.com> wrote:

·        Do you have any idea why adding SSL will slow the response time?

We are seeing 3-7% overhead with SSL on. Need to understand technical reason for it. we use JDBC.  What I found that JDBC does not do compression.

 

​Encryption and decryption takes time...

 

​David J.

 

CONFIDENTIALITY WARNING
This communication, including any attachments, is for the exclusive use of addressee and may contain proprietary and/or confidential information. If you are not the intended recipient, any use, copying, disclosure, dissemination or distribution is strictly prohibited. If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this communication and destroy all copies.

AVERTISSEMENT RELATIF À LA CONFIDENTIALITÉ
Ce message, ainsi que les pièces qui y sont jointes, est destiné à l’usage exclusif de la personne à laquelle il s’adresse et peut contenir de l’information personnelle ou confidentielle. Si le lecteur de ce message n’en est pas le destinataire, nous l’avisons par la présente que toute diffusion, distribution, reproduction ou utilisation de son contenu est strictement interdite. Veuillez avertir sur-le-champ l’expéditeur par retour de courrier électronique et supprimez ce message ainsi que toutes les pièces jointes.

Re: SSL question

От
"David G. Johnston"
Дата:
On Fri, Aug 28, 2015 at 9:54 AM, Yogi Barot <YBarot@symcor.com> wrote:

Thanks for your quick reply, but 3-7% overhead is this reasonable


​Sounds reasonable.​

or we have some issue with application?


​Hard to say​ - probably not

Need to give better technical reason to management for not enabling SSL.  


​There is a business/data component​ to the decision as well.

Our application uses connection pooling so on daily basis only few connections to database.  



What does this have to do with the question at hand?

David J.