…fast as possible-Artur takes us on a whirlwind tour through, monitoring performance, SSL, perception and more.
Artur's presentation, and stay tuned for updates on next year's FutureStack14-here on the New Relic blog!
A few comments on the above. First, at 1024 bits of SSL encryption, it doesn't make that much difference if you're 40ms away or 170ms away. Second, as latency decreases, the connection-throughput performance lost due to SSL encryption overhead increases. That makes sense, particularly when we consider that in the base cases (two servers on the same LAN, or connections over a TCP socket to the same server), connection throughput performance is dominated by the use (or not) of SSL…
Working for a company that sells SSL certificates , I noticed that this field is often very confusing when you approach it for the first time.
One of the most unclear topic is the number of available certificate types.
In this article I'll quickly explain the differences between the various types you may want to use to secure a website.
To make it simple, you can group SSL certificates by validation level or secured domains/hostnames.
by Validation Level
Support for SSL encryption for just the key and crt files as implemented in Galera can be enabled with encrypt=3 option. This has been implemented in 5.5.34-23.7.6 for compatibility with Galera. Bug Fixed # 1235244 .
Based on …
now has a new configuration setting :verify_api_cert which turns on SSL verification when communicating with Chef Server. Also, Chef now manages a directory on the client for SSL certificates of your Chef servers.
You can check out here to see Dan DeLeo talking about this new feature in detail and our plans of enabling SSL verification by default in Chef.
Check out 11.8.0 to see if any of the changes are impacting your environment. Notes
SSL debugging tools: We want to make it easy to figure out what's going on when trouble strikes. To that end, we're already working on SSL debugging code that will help explain the exact cause of any SSL certificate problems you might encounter.
Warning for the default configuration: As with any breaking change, we want to make sure you have plenty of time to prepare.
Bootstrap support for trusted_certs : In order to make SSL validation possible for users with self-signed …
…connectivity failures that were invisible to us before — for example, issues around, SSL and connections," says Bondi. "It's like we're finally looking at the complete picture for the first time."
READ THE FULL CASE STUDY
Read the full case study to find out how helps RunKeeper meet demand from millions of global end-users to help them maximize their fitness goals.
The post RunKeeperto Meet Demand from 24 …
…able to scale at whim. While I certainly could have taken the time to setupand SSL, and a series of AppServers and , having available was like having an on-demand sysadmin available 24 hours a day.
3. Scaling as a Service
Early on, we had added the AdeptScale service to our production Heroku stack. AdeptScale dynamically increases the number of running web dynos in relation to response time metrics.
If response times increase, more and more …
…app for an IMAP server took me forever, until I realised that it was because the SSL certificate the email server was using was registered to a different domain name. Once I ping'ed the IP address and got the "real" domain name, and used that instead of the alias, it worked. I've never had this issue with any other email app, on Android or Linux or Windows or Mac, which will either carry on regardless or give you a decent error message about why they're …
…not properly required, causing a crash. [ issue #934 . Permissions on the server instance directory are now explicitly set with chmod, so that permissions are correct on systems with a non-default umask. Fixes issue #928 . Allow Phusion Passenger to work properly on systems where the user's does not have a proper entry in /etc/group, such …] There is now builtin support for SSL. Fix a crash when multiple `passenger_pass_header` directives are set. Fixes