https delay between “Change Cipher Spec” and “Application Data”
-
21-12-2019 - |
Question
I am using .NET 4.5 on Windows 7 (client) to make https calls to lighttpd running on an embedded system (server).
The first https request is +-120ms slower than subsequent requests. It is normal the first request is slower because the connection is set up and the other requests re-use the existing connection.
When I look in Wireshark I see the following TLSv1 messages:
client -> server: Client Hello
server -> client: Server Hello, Certificate, Server Hello Done
client -> server: Client Key Exchange, Change Cipher Spec, Finished
server -> client: Change Cipher Spec, Finished
This setup process takes about 25ms.
Then it takes 80ms before the Windows machine sends the http request
client -> server: Http Request
Question
Why does it take the Windows machine 80ms to send out the request? Can I reduce this latency?
Note If I send requests using Qt 5.2 (which uses OpenSSL) on the same machine, the setup process takes about 55ms and the Http Request is sent within 1ms.
Solution
(Answering my own question)
During this time .NET validates the server certificate. The validation includes verifying the name and linking the certificate up to a system trusted root CA.
The time cannot be reduced.