Optimizing CFHTTP calls on Linux systems

November 21, 2012 / Altamish Ahmad 10 Comments

While making a cfhttp call to a coldfusion server the apache httpclient library tries to generate a secure random number. It is an operation which depends on the "entropy" of the system.

In case of linux systems (mainly the ones which are freshly installed) it is observed that this operation can be quite time consuming because the system "entropy" is apparently quite low. Hence, as a consequence cfhttp calls will be slow.

Fortunately for people who deploy Coldfusion-10 on linux machines this is not a reason to worry. Just do one of the following:

1. Set this system property to your JVM – if you are using standalone CF installation, you would set it in jvm.config.

“-Djava.security.egd=file:/dev/./urandom”

or

2. In $JAVA_HOME/jre/lib/security/java.security file, change the value of securerandom.source to file:/dev/./urandom 

 

You can also refer to this post by Shilpi, from the ColdFusion team which talks about this issue

 


 


10 comments so far ↓

  • 1 Wil Genovese // Nov 21, 2012 at 8:53 AM
    Would this be true for previous ColdFusion versions?
  • 2 Altamish Ahmad // Nov 21, 2012 at 8:56 AM
    This is only for Coldfusion 10.
  • 3 Henry Ho // Nov 21, 2012 at 6:30 PM
    what's this secure random number? how is it used?
  • 4 gaurav linux // Nov 28, 2012 at 11:39 PM
    really awesome information.. i like this tutorial by you. and i think i am learning from your blog... awesome

    Regards >>

    Gaurav Garg Linux
  • 5 Renaud // Dec 4, 2012 at 2:01 AM
    cfhttp is very slow under linux.
    Even with those options set.
    4 seconds for a simple cfhttp on google.com.
    I don't understand.
  • 6 Patrick // Dec 12, 2012 at 1:55 PM
    Hmm, on my dev box -Djava.security.egd=/dev/urandom was set by default, which one is correct now, with file:/ or w/o?
  • 7 Thankful // Jan 4, 2013 at 11:19 AM
    Thank you! You sir, are an absolute genious!
  • 8 Damien // Jan 18, 2013 at 2:14 AM
    It would be more easier for me to understand if you could explain the secure random number thingy.

    I know ColdFusion doesn't support CentOS, but any plans of providing support for CentOS when ColdFusion 11 ships?
  • 9 Rupesh // Jan 21, 2013 at 5:40 AM
    @Patrick, it should be set with 'file:/' and use the exact setting that Altamish has provided.

    @Damien, SecureRandom is actually used to generate cryptographically secure random numbers. I know that the Apache HttpClient library that we use internally or cfhttp makes use of SecureRandom but I am not sure why. I will need to check the HttpClient source for it. But anyways that is not important.
    The important thing is - if you are seeing your CFHTTP to be very slow and you are on a linux box, make sure to specify these settings to the JVM.
  • 10 replica watches // Mar 24, 2013 at 10:49 PM
    Regardless of whether you believe you could or whether or not you think that you cannot, you're suitable!

Leave a Comment

Leave this field empty:

Blue Mango Theme Design By Mark Aplet

Super Powered by Mango Blog