1

I am doing stress tests / load tests on a mobile application using Jmeter. The problem is that when i perform tests using HTTP it works fine, but using HTTPS makes the server go down.

Is there a mechanism included in HTTPS that blocks a load of simultaneous queries ? What can be the problem please ?

EDIT : The question is about Jmeter and the HTTP/HTTPS. Jmeter simulates a query and starts to re send it like 1000, 2000, etc... time for a specified interval. The use of Jmeter and HTTP works, but Jmeter and HTTPS makes the server go down. Is it possible that the HTTPS have an inside mechanism that could classify the test as DoS attack and block it ?

Rahmouni Abdelhak
  • 55
  • 2
  • 11
  • See also [HTTP vs HTTPS performance](https://stackoverflow.com/q/149274/33051) – Zhaph - Ben Duguid Jun 27 '19 at 09:24
  • Possible duplicate of [HTTP vs HTTPS performance](https://stackoverflow.com/questions/149274/http-vs-https-performance) – Zhaph - Ben Duguid Jun 27 '19 at 09:25
  • Different question, explication added – Rahmouni Abdelhak Jun 27 '19 at 09:32
  • what firewall/load balancer and server are you using? – Ori Marko Jun 27 '19 at 09:32
  • The fundamentals are the same though - the answers to that question state that there is usually a very small performance impact when using HTTPS (as the server does the work decrypting the request and encrypting the response), and that will be exacerbated when load testing, which can potentially cause your site to fail. – Zhaph - Ben Duguid Jun 27 '19 at 09:52
  • To be clear - does the site "go down" on the first request (i.e. there's a problem with your SSL configuration), or after some amount of load? If it's after some load, what sort of failures are getting, and what's the behaviour of the server - is the processor maxed out, are you getting connection timeouts, etc.? There's lots of information missing from your question. – Zhaph - Ben Duguid Jun 27 '19 at 09:56
  • 1
    @Zhaph-BenDuguid, just to clarify, its after an amount of load and exactly the application go down because i tried to test with different IPs and the app is always down – Rahmouni Abdelhak Jun 27 '19 at 10:23

1 Answers1

3

Notice that HTTP and HTTPS uses different ports

Different ports can route to different IPs and even application, for example go straight to tomcat without apache server

About performance it depends, but overall ~insignificant

HTTPS requires an initial handshake which can be very slow. The actual amount of data transferred as part of the handshake isn't huge (under 5 kB typically), but for very small requests, this can be quite a bit of overhead. However, once the handshake is done, a very fast form of symmetric encryption is used, so the overhead there is minimal. Bottom line: making lots of short requests over HTTPS will be quite a bit slower than HTTP, but if you transfer a lot of data in a single request, the difference will be insignificant.

Community
  • 1
  • 1
Ori Marko
  • 56,308
  • 23
  • 131
  • 233
  • Different ports yes, but they have the same autorisations ( firewalling side, routing, etc ...) ... a bit slower i agree, but is it enough to make the server go down ? – Rahmouni Abdelhak Jun 27 '19 at 09:25
  • @RahmouniAbdelhak you will have to find the cause for the server been down and we need way more details than the fact that server is down, you can start by checking https://slumpedoverkeyboarddead.com/my-website-is-down-now-what-part-5-sslhttps-issues/ – Ori Marko Jun 27 '19 at 09:31
  • Will check and get back to you – Rahmouni Abdelhak Jun 27 '19 at 09:33