Hello,
If somebody is using Kamailio in a larger environment with TLS, this new technical analysis and performance report from haproxy could be interesting: https://www.haproxy.com/blog/state-of-ssl-stacks
The bottom-line - OpenSSL 3.0 will show serious performance regressions for larger TLS services with higher performance requirements. OpenSSL 3.1 and newer versions are a bit better, but still much slower in key operations. You should consider using the tls_wolfssl module or stay on OpenSSL 1.1.1. For the medium- to long-term we probably should observe how other OpenSSL libraries are developing and act accordingly for the tls modules.
The haproxy project recommends besides using wolfssl also the aws-lc library. The situation regarding OpenSSL 3.x seems to be not easily fixable, as these regressions are caused from internal design decisions.
Cheers,
Henning
-- Henning Westerholt - https://skalatan.de/blog/ Kamailio services - https://gilawa.comhttps://gilawa.com/