Benchmark performance of Let's Encrypt vs. Cheap SSL certificates


#1

Hi, I was wondering, I already have an SSL certificate and it’s a cheap one, just 10 bucks.
This SSL slows my website when I check the waterfall requests.

Let’s Encrypt have a better performance? I was wondering with anyone have a performance benchmark.

This may help a lot :slight_smile:

Thanks.


#2

Certificates are a negligible part of the performance equation. Basically, if you care about client-side performance, use a 2048-bit RSA key and you’re good to go (as opposed to 4096-bit, which would slow down the initial TLS handshake, or ECDSA keys, which are slightly slower on the client-side, but that doesn’t really have much of an impact in practice). This is what you get by default if you use the reference client. Everything else is about the SSL configuration of your web server and your network layout.

SSL performance tuning is mostly about avoiding unnecessary handshakes by using session resumption and terminating SSL closer to the user (i.e. using a globally-distributed CDN). HTTP/2 is also worth looking at - you basically get https:// with the same (or sometimes even better) performance characteristics as regular http://, depending of course on your site.

https://istlsfastyet.com/ has some great resources on this topic.