Our server application is extremely slow on some clients. Slowness is decided by rebooting the server, but it returns in a couple of weeks.
The Java processor is always around 100% (out of 200%), all other parameters are fine. Research has shown that most of the processor is consumed by the HandshakeCompletedNotify-Thread. From the tcp dump we can see that SSL handshaking takes 2-8 seconds, which is very long, sometimes a timeout is issued.
Our SSL provider is BSAFE. The server runs on Linux (CentOS), 640 MB heap, 2 cores. Hibernate, spring, Oracle local db
What could be the reasons for this behavior? What can be done to find them?
PS We cannot switch traffic to HTTP from our clients.
Update: the system is completely freed when outgoing connections of the java process are blocked by IP tables. What resource is freed up in such a situation? We see that SSL Handshake often gets stuck at the βChange Cipher Specβ stage. The client (my java process) is trying to reuse the SSL session, but the server is completely stateless, each time it generates a new session.
source
share