Do you have any good suggestions? Next, I plan to annotate the relevant logs and test them again
Great! Was the ECDSA certificate the solution to the TLS issue? Or was it somehow related to TLS version?
As for logs, is your config the same as above? (It looks like your log level is info.)
Yes, TLS 1.2 added some extra operations when establishing links, obtaining keys, and temporary signatures, as well as using previous cipher suites. These cipher suites do not have the performance advantages of TLS 1.3 in terms of decryption
1 Like
caddyfile is
{
log {
level error
output file /var/log/caddy/access.log
format json {
time_format iso8601
message_key msg
}
}
}
xxx.xxxx.com {
reverse_proxy {
......
}
log {
level error
output file /var/log/caddy/access_other.log
format json {
time_format iso8601
message_key msg
}
}
}
FYI this isn’t an access log, it’s just the main process log.
So you could probably call this one access.log and the other one just caddy.log or process.log or something.
Anyway, it’s not clear to me why it’s using so much CPU… a considerable amount of that time is marshaling the HTTP headers as JSON, but for the middle highlight I’m not sure why a debug log is using so much when it shouldn’t even be used 
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.