SecureBlackbox 16: Why is the first HTTPS, FTPS or SMTPS connection the longest?

Note: This article applies only to SecureBlackbox Legacy. For future development please consider using the latest version.

There can be several reasons for this.

First of all, if you use the TElX509CertificateValidator component to validate server certificates, this component performs complete certificate chain validation during the first connection. On subsequent connections, it already has some data (CRLs and cached certificates) and validation is performed almost instantly.

Next, in the .NET edition, when the operation is initiated, the .NET framework loads the back-end assemblies (SecureBlackbox.dll, SecureBlackbox.SSLCommon.dll, and SecureBlackbox.SSLClient.dll) and this takes some time. Subsequent calls are almost instant too.

Finally, a slow first connection can mean firewall trouble - the firewall scans the rule table each time the application takes some action for the first time. Next, the rules are remembered and so processing is faster.

We appreciate your feedback.  If you have any questions, comments, or suggestions about this article please contact our support team at kb@nsoftware.com.