There can be several reasons for this.

First of all, if you use the TElX509CertificateValidator component to validate server certificates, this component performs complete certificate chain validation during the first connection. On subsequent connections, it already has some data (CRLs and cached certificates) and validation is performed almost instantly.

Next, in the .NET edition, when the operation is initiated, the .NET framework loads the back-end assemblies (SecureBlackbox.dll, SecureBlackbox.SSLCommon.dll, and SecureBlackbox.SSLClient.dll) and this takes some time. Subsequent calls are almost instant too.

Finally, a slow first connection can mean firewall trouble - the firewall scans the rule table each time the application takes some action for the first time. Next, the rules are remembered and so processing is faster.