Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Perf Issue with passing CA certs in Agent Options for HTTPS calls vs NODE_EXTRA_CA_CERTS #52549

Open
mdathrika opened this issue Apr 15, 2024 · 0 comments
Open

Perf Issue with passing CA certs in Agent Options for HTTPS calls vs NODE_EXTRA_CA_CERTS #52549

mdathrika opened this issue Apr 15, 2024 · 0 comments
Labels
https Issues or PRs related to the https subsystem. performance Issues and PRs related to the performance of Node.js.

Comments

@mdathrika
Copy link

mdathrika commented Apr 15, 2024
edited by VoltrexKeyva

Version

18.x

Platform

Ubuntu, Mac

Subsystem

No response

What steps will reproduce the bug?

addCACert() has bottleneck when HTTPS endpoint is called with https.agent.ca option using https, when we switch to using NODE_EXTRA_CA_CERTS environment variable, we do not see addCACert() bottleneck.

With agent.ca options pointing to CA certs

const https = require('https');
const fs = require('fs');

// Read the CA certificate file (replace 'ca.pem' with your actual CA certificate file path)
const caCert = fs.readFileSync('ca.pem');

// Create an agent with the CA certificate
const agent = new https.Agent({
  ca: caCert
});

function callHttpsService(url) {
    https.get(url, { agent: agent }, (res) => {
        let data = '';

        // A chunk of data has been received.
        res.on('data', (chunk) => {
            data += chunk;
        });

        // The whole response has been received. Print out the result.
        res.on('end', () => {
            console.log(data);
        });

    }).on("error", (err) => {
        console.log("Error: " + err.message);
    });
}

callHttpsService('https://example.com');
image-2024-03-14-18-09-42-261

With NODE_EXTRA_CA_CERTS env variable pointing to CA certs

export NODE_EXTRA_CA_CERTS=/path/to/cert.pem && node index.js
// index.js
const https = require('https');

function callHttpsService(url) {
    https.get(url, { agent: agent }, (res) => {
        let data = '';

        // A chunk of data has been received.
        res.on('data', (chunk) => {
            data += chunk;
        });

        // The whole response has been received. Print out the result.
        res.on('end', () => {
            console.log(data);
        });

    }).on("error", (err) => {
        console.log("Error: " + err.message);
    });
}

callHttpsService('https://example.com');
image-2024-03-14-18-10-44-663

How often does it reproduce? Is there a required condition?

This is introduced in Node 16.x and seen in Node 18.x & Node 20.x. For every request.

What is the expected behavior? Why is that the expected behavior?

image-2024-03-14-18-10-44-663

What do you see instead?

image-2024-03-14-18-09-42-261

Additional information

No response
@RedYetiDev RedYetiDev added performance Issues and PRs related to the performance of Node.js. https Issues or PRs related to the https subsystem. labels Apr 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
https Issues or PRs related to the https subsystem. performance Issues and PRs related to the performance of Node.js.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mdathrika @RedYetiDev