Slow initial connection on https connects

Nov 22

Our most busy server sometimes showed long connection times after we changed the default protocol from http to https.

This server is running Apache 2.4.10 on Debian Wheezy, and the slow connection times manifested themselves after periods of higher than normal load, but far from being critical.

I have tried a lot of different things, like incrementing the number of Apache processes, limiting the number of concurrent outgoing mails (the server sends about 20.000 emails every day), and also adding more memory to the system – but nothing helped.

Unfortunately, http/2 is not available with this Apache version, and I don’t like to backport from a newer Debian version. The same is true for ALPN and NPN – both not available in the installed Apache version.

The solution was to enable OCSP stapling:

SSLUseStapling on
SSLStaplingCache shmcb:/tmp/stapling_cache(128000)

Now the maximum connection times are down to about 5 seconds in the most busy periods, instead of reaching 20 seconds and more. In times of normal load the connection times are below 0.1 seconds.

As test I can recommend the SSLLabs test by Qualys:

Debian 9 Stretch, PHP 7 and Microsoft SQL Server access

Nov 12

Microsoft supports SQL Server access from Linux and PHP 7, but unfortunately not with Debian 9 Stretch, but only for Debian 8 (and Ubuntu 15.10, Ubuntu 16.10, Ubuntu 6.04, RedHat 7 and MacOS).


I have tried to use the PDO Sybase drivers (package php7.0-sybase), but was not able to connect.

Then I found the page and have done the following:

pecl install sqlsrv-5.1.1preview
pecl install pdo_sqlsrv-5.1.1preview

The build failed until I installed the package unixodbc-dev
apt-get install unixodbc-dev

To enable the both modules in Apache2, I have done also the following:
cd /etc/php/7.0/mods-available
cp pdo_dblib.ini pdo_sqlsrv.ini
cp pdo_dblib.ini sqlsrv.ini

changed the contents of the files to list the appropriate -so file ( and,
cd /etc/php/7.0/apache2/conf.d
ln -s /etc/php/7.0/mods-available/sqlsrv.ini 20-sqlsrv.ini
ln -s /etc/php/7.0/mods-available/pdo_sqlsrv.ini 20-pdo_sqlsrv.ini

and restarted Apache2.

Now, my test function returned that the ODBC driver was missing.
I have downloaded then the Debian 8 version and installed the driver and the tools:
apt-get install unixodbc
dpkg -i msodbcsql_13.1.9.1-1_amd64.deb
dpkg -i mssql-tools_14.0.7.0-1_amd64.deb

After this, I was able to connect to the SQL server and run a select statement.

$conn = new PDO("sqlsrv:Server=$myserverName;Database=$myDB", $myUser, $myPass);