This allows TLSv1.3, and let the client select ciphers. After this
change AES is prefered over chacha20, so TLS speed is now much faster.
let key_path = configdir!("/proxy.key");
let cert_path = configdir!("/proxy.pem");
- let mut acceptor = SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap();
+ let mut acceptor = SslAcceptor::mozilla_intermediate_v5(SslMethod::tls()).unwrap();
acceptor.set_private_key_file(key_path, SslFiletype::PEM)
.map_err(|err| format_err!("unable to read proxy key {} - {}", key_path, err))?;
acceptor.set_certificate_chain_file(cert_path)
static BENCHMARK_RESULT_2020_TOP: BenchmarkResult = BenchmarkResult {
tls: Speed {
speed: None,
- top: 1_000_000.0 * 690.0, // TLS to localhost, AMD Ryzen 7 2700X
+ top: 1_000_000.0 * 1235.0, // TLS to localhost, AMD Ryzen 7 2700X
},
sha256: Speed {
speed: None,