Uploaded image for project: 'Traffic Server'
  1. Traffic Server
  2. TS-2058

Traffic server fails to start with lots of SNI ssl certs defined

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • None
    • Performance, SSL
    • None

    Description

      Running into an issue with SNI under 3.2.4 - with 100k ssl certs defined in ssl_multicert.config with the following format: ssl_cert_name=<cert> Traffic server will never start. It looks like it keeps getting killed by traffic_cop.

      It looks like succesfull startup will take ~2minutes for 100k ssl certs on my machine and about 15 seconds for 40k ssl certs. I would like to try to get to one million ssl certs defined with traffic server able to start successfully. Anything that could be done to increase the speed and allow that amount of SSL certs defined to start successfully would be much appreciated.

      Attachments

        1. TS-2058-hacked-up.diff
          3 kB
          James Peach

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. TS-2490 traffic_cop kills TS process before it completes starting

          • Major - Major loss of function.
          • Closed
          is superceded by

          Improvement - An improvement or enhancement to an existing feature or task. TS-3006 Augment SNI callback processing

          • Major - Major loss of function.
          • Closed

          Activity

            People

              shinrich Susan Hinrichs
              klindgren Kris Lindgren
              Votes:
              0 Vote for this issue
              Watchers:
              9 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: