SecureBlackbox 16: Why does the first HTTPS, FTPS, or SMTPS connection to the server take more time than subsequent connections?

Note: This article applies only to SecureBlackbox Legacy. For future development please consider using the latest version.

There can be several reasons for this.

First of all, if you use the TElX509CertificateValidator component to validate server certificates, this component performs the complete certificate chain validation during the first connection. On subsequent connections, it already has some data (e.g., CRLs and cached certificates) and validation is performed almost instantly.

Next, in the .NET edition, when the operation is initiated, the .NET framework loads the back-end assemblies (SecureBlackbox.dll, SecureBlackbox.SSLCommon.dll, and SecureBlackbox.SSLClient.dll) and this takes some time. Subsequent calls are almost instant too.

Finally, the delay can be firewall trouble -- the firewall scans the rule table each time the application takes some action for the first time. On the next connection, the rules are remembered and so processing is faster.

We appreciate your feedback.  If you have any questions, comments, or suggestions about this article please contact our support team at kb@nsoftware.com.