From owner-freebsd-isp@FreeBSD.ORG  Fri Oct 22 00:27:51 2004
Return-Path: <owner-freebsd-isp@FreeBSD.ORG>
Delivered-To: freebsd-isp@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id BA81A16A4CE
	for <freebsd-isp@freebsd.org>; Fri, 22 Oct 2004 00:27:51 +0000 (GMT)
Received: from util.inch.com (mx.inch.com [216.223.198.27])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 474F043D55
	for <freebsd-isp@freebsd.org>; Fri, 22 Oct 2004 00:27:51 +0000 (GMT)
	(envelope-from spork@inch.com)
Received: from shell.inch.com (www.inch.com [216.223.192.20])
	i9M0Ro0P011034
	for <freebsd-isp@freebsd.org>; Thu, 21 Oct 2004 20:27:50 -0400 (EDT)
	(envelope-from spork@inch.com)
Received: from shell.inch.com (localhost [127.0.0.1])
	by shell.inch.com (8.12.8p2/8.12.8) with ESMTP id i9M0RnJS078483
	for <freebsd-isp@freebsd.org>; Thu, 21 Oct 2004 20:27:50 -0400 (EDT)
	(envelope-from spork@inch.com)
Received: from localhost (spork@localhost)i9M0RnR4078480
	for <freebsd-isp@freebsd.org>; Thu, 21 Oct 2004 20:27:49 -0400 (EDT)
X-Authentication-Warning: shell.inch.com: spork owned process doing -bs
Date: Thu, 21 Oct 2004 20:27:49 -0400 (EDT)
From: Charles Sprickman <spork@inch.com>
To: freebsd-isp@freebsd.org
Message-ID: <20041021201954.X2588@shell.inch.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Subject: Apache+modssl options
X-BeenThere: freebsd-isp@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Internet Services Providers <freebsd-isp.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-isp>,
	<mailto:freebsd-isp-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-isp>
List-Post: <mailto:freebsd-isp@freebsd.org>
List-Help: <mailto:freebsd-isp-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-isp>,
	<mailto:freebsd-isp-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Oct 2004 00:27:51 -0000

Hi,

Just curious if anyone has any information on getting the most out of
apache+modssl (1.3 branch of apache).  I've been digging around the config
and looking at some of the SSL-specific options.  Also had a look at the
mod_ssl website docs.

There seem to be a number of OS-specific settings that leave me with more
questions than answers.  Does anyone know what is optimal with FreeBSD for
the following:

SSLMutex - port builds with type "file", but "sem" is also an option that
seems better, if supported...

SSLRandomSeed - port builds it with "builtin", but again wondering if
/dev/random or /dev/urandom (and tweaks with rndcontrol) would be better.

SSLSessionCache - port builds with "dbm" method, but "shm" looks like it
might be faster.

Also if anyone has other hints on speeding things up, they are much
appreciated.  Not quite ready for the hardware accel card yet though. :)

Thanks,

Charles

--
Charles Sprickman
spork@inch.com