HTTPS is considerably slower for time to first request because you have SSL session negotiation: if you test ab with and without -k you should see an enormous boost when reusing the same connection.
In practice this is fine as long as you have your SSL session cache configured (http://wiki.nginx.org/HttpSslModule#ssl_session_cache) since client browsers won't negotiate a new session every time. At that point you're left hoping everyone adopts some of the performance tweaks for avoiding extra round-trips (e.g. http://www.imperialviolet.org/2010/06/25/overclocking-ssl.html) but it's usually manageable for non-realtime apps.
Comment
Thanks for the tip Chris! I'm reading up on it now.
Parent comment
HTTPS is considerably slower for time to first request because you have SSL session negotiation: if you test ab with and without -k you should see an enormous boost when reusing the same connection. In practice this is fine as long as you have your SSL session cache configured (http://wiki.nginx.org/HttpSslModule#ssl_session_cache) since client browsers won't negotiate a new session every time. At that point you're left hoping everyone adopts some of the performance tweaks for avoiding extra round-trips (e.g. http://www.imperialviolet.org/2010/06/25/overclocking-ssl.html) but it's usually manageable for non-realtime apps.