0

I'm migrating my Windows Server 2008 and SQL Server 2008 instances to Windows Server 2019 and SQL Server 2017. All went well except one issue which took me days to figure out which was HTTPS activation caused slow load within SQL Server.

When I use HTTP, the website load very quickly. When I activate HTTPS it take > 40 seconds to load the same page.

I can't work out why. Is there any setting to activate?

I'm using let's encrypt certificate and it is just a basic installation really nothing extraordinary.

TylerH
  • 20,799
  • 66
  • 75
  • 101
Cem
  • 347
  • 1
  • 5
  • 12
  • I found this: https://forums.iis.net/t/1199019.aspx. It can be becouse the IIS try to validate ssl certificate on each time and I have a webpage which send >20 request so if each time it try to validate the certificate it take a lot of time. How to disable or tell it to do it once? – Cem Oct 31 '19 at 14:51
  • First thing you should do is to replace that certificate and test again. You might use a self signed certificate and make it trusted by the web browser. Once you confirm the slowness indeed comes from that certificate, then you can move on. – Lex Li Oct 31 '19 at 16:03
  • I changed the certificate to self-signed and it didn't work either. And also the self-signed are not supported by chrome, it treat the page as untrusted. – Cem Nov 01 '19 at 07:56

2 Answers2

1

The problem was coming from the IIS where Microsoft integrated HTTP/2 with IIS 10. When it is activated it takes triple time to validate the connection through the SSL. I just deactivated the HTTP/2 and OCSP.

Funniest part is this [Microsoft Docs1 comment:

HTTP/2 is a major upgrade after nearly two decades of HTTP/1.1 use and reduces the impact of latency and connection load on web servers.

enter image description here

TylerH
  • 20,799
  • 66
  • 75
  • 101
Cem
  • 347
  • 1
  • 5
  • 12
  • 1
    Consider the facts like https://serverfault.com/questions/774285/apache2-with-letsencrypt-is-very-slow HTTP/2 slowness can happen to other web servers. – Lex Li Nov 01 '19 at 13:12
0

First of all, please check this in Web browser F12 developer tool. We need to know the low performance is slow in TTFB or just SSL handshake.

enter image description here

If this issue happened on SSL handshake, Then you need to trace it via network monitor.

If the low performance come from TTFB, then please capture Dump files for your web application. You could reproduce this issue and generate dump file every 5 second. By comparing dump file, we would probably find the root cause.

Jokies Ding
  • 3,374
  • 1
  • 5
  • 10