Why is the "Siege"-tool not working with HTTPS sites?

Question

I am using Siege 3.0.3 from CentOS 6.4.

My question is : how does 'Siege' supports HTTPS protocol?

So far using this tool the HTTP sites testing is OK.

But, I am facing certain issues (all described below) while dealing with the HTTPS sites.

As suggested by someone, to make HTTPS work I have compiled siege with openssl.

For doing this, I followed the procedure as mentioned in the below site. http://drewsymo.com/how-to/installing-siege-stress-tester-on-centos-6-3/

In brief, I ran the following commands for compiling siege with openssl.

cd /opt
wget http://www.openssl.org/source/openssl-1.0.1e.tar.gz
tar -zxvf openssl-1.0.1e.tar.gz
cd siege-3.0.3
./configure -with-ssl=/opt/openssl-1.0.1e
make && make install

I did not got any warning or errors in the above steps.

But, even after this I am getting the below results while dealing with HTTPs sites using this tool.

ISSUE#1

Whenever I set many hits like 1000, 2000 I get the below error.

"Segmentation fault (core dumped)"

Kindly note I have already ran the "ulimit -n 10000" command to increase the number of open files.

But, this did not helped.

ISSUE#2

[root@localhost ~]# siege --user-agent="Mozilla/5.0 (Windows NT 6.2; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0" -c10 -r1 -t50S someHTTPSdomain.com
[error] CONFIG conflict: selected time and repetition based testing: No such file or directory
defaulting to time-based testing: 50 seconds
** SIEGE 3.0.3
** Preparing 10 concurrent users for battle.
The server is now under siege...
HTTP/1.1 302   0.09 secs:       0 bytes ==> GET  /
HTTP/1.1 302   0.11 secs:       0 bytes ==> GET  /
HTTP/1.1 302   0.08 secs:       0 bytes ==> GET  /
HTTP/1.1 302   3.09 secs:       0 bytes ==> GET  /
.....................
.....................
.....................

Then after many such hits exceeding the above defined 10 hits, I had to press Ctrl+C.

After that, it shows,

^C
Lifting the server siege...      done.

Transactions:                      0 hits
Availability:                   0.00 %
Elapsed time:                  18.70 secs
Data transferred:               0.00 MB
Response time:                  0.00 secs
Transaction rate:               0.00 trans/sec
Throughput:                     0.00 MB/sec
Concurrency:                    3.19
Successful transactions:          30
Failed transactions:              28
Longest transaction:           12.10
Shortest transaction:           0.07

FILE: /usr/local/var/siege.log
You can disable this annoying message by editing
the .siegerc file in your home directory; change
the directive 'show-logfile' to false.
[root@localhost ~]#

Why the transactions showing 0 hits always in case of HTTPS sites?

Even after specifying "-c10 -r1" why the scrolling output not stopping for HTTPS sites?

Also, why all the HTTP responses are showing 30X for HTTPS sites?

Why this error "[error] CONFIG conflict: selected time and repetition based testing: No such file or directory defaulting to time-based testing: 50 seconds" keep showing?

Anyway, if I remove the -t50S from the above command I do not get the error "[error] CONFIG conflict: selected time and repetition based testing: No such file or directory defaulting to time-based testing: 50 seconds".

But, still it shows the transactions as 0 hits. See below.

[root@localhost ~]# siege --user-agent="Mozilla/5.0 (Windows NT 6.2; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0" -c10 -r1 someHTTPSdomain.com
** SIEGE 3.0.3
** Preparing 10 concurrent users for battle.
The server is now under siege...
HTTP/1.1 302   0.08 secs:       0 bytes ==> GET  /
HTTP/1.1 302   0.08 secs:       0 bytes ==> GET  /
HTTP/1.1 302   0.09 secs:       0 bytes ==> GET  /
HTTP/1.1 302   0.11 secs:       0 bytes ==> GET  /
HTTP/1.1 302   0.07 secs:       0 bytes ==> GET  /
HTTP/1.1 302   0.09 secs:       0 bytes ==> GET  /
HTTP/1.1 302   0.08 secs:       0 bytes ==> GET  /
HTTP/1.1 302   0.08 secs:       0 bytes ==> GET  /
HTTP/1.1 302   0.08 secs:       0 bytes ==> GET  /
HTTP/1.1 302   0.10 secs:       0 bytes ==> GET  /
done.

Transactions:                      0 hits
Availability:                   0.00 %
Elapsed time:                   2.14 secs
Data transferred:               0.00 MB
Response time:                  0.00 secs
Transaction rate:               0.00 trans/sec
Throughput:                     0.00 MB/sec
Concurrency:                    0.40
Successful transactions:          10
Failed transactions:              10
Longest transaction:            0.11
Shortest transaction:           0.07

FILE: /usr/local/var/siege.log
You can disable this annoying message by editing
the .siegerc file in your home directory; change
the directive 'show-logfile' to false.
[root@localhost ~]#

ISSUE#3

Another thing, I noticed if I prefix the HTTPS URL with a "https://" like the below, I get output like this.

[root@localhost ~]# siege --user-agent="Mozilla/5.0 (Windows NT 6.2; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0" -c10 -r1 https://someHTTPSdomain.com
** SIEGE 3.0.3
** Preparing 10 concurrent users for battle.
The server is now under siege...
done.

Transactions:                      0 hits
Availability:                   0.00 %
Elapsed time:                   1.06 secs
Data transferred:               0.00 MB
Response time:                  0.00 secs
Transaction rate:               0.00 trans/sec
Throughput:                     0.00 MB/sec
Concurrency:                    0.00
Successful transactions:           0
Failed transactions:              10
Longest transaction:            0.00
Shortest transaction:           0.00

FILE: /usr/local/var/siege.log
You can disable this annoying message by editing
the .siegerc file in your home directory; change
the directive 'show-logfile' to false.
[root@localhost ~]#

Simply, no HTTP or other response messages.

I am confused with these results while dealing with the HTTPS sites. Not clear whether I did anything wrong while issuing the commands or it's some bug or limitation of this tool.

I like to mention that in my above commands I have used a valid Windows 8 (using a Firefox browser) useragent by using "--user-agent=" in all the commands. I did like this only to replace the default Siege useragent which is "JoeDog/1.00 [en] (X11; I; Siege 3.0.3)" as this default Siege useragent might be blacklisted in many webservers (not so sure).

Kindly someone guide.

Thanks in advance.

Answer 1

1. can't help with that one

2. I'd guess that if you don't start the URL with "https://", siege would not know to use SSL. (the 's' in https is for 'secure'). So I'd guess the 302s are the server forwarding you to the https URL. If you look farther down from the "0 hits" line, it says 10 successful transactions...those are likely the 302 responses. It also shows 10 failed transactions - so it can't connect using SSL (assuming the forward is simply to the same URL using SSL).

3. Here is says 10 failed transactions, just like the previous. What does /usr/local/var/siege.log contain? Perhaps the failure messages are there?

Answer 2

I had exactly the same issue. I first did a

./configure --with-ssl=/usr/bin/openssl

that is compiling fine but coredumping when trying to use https, this because path to ssl lib has to be provided

./configure --with-ssl=/usr/lib64/openssl

Then siege is able to handle ssl

Answer 3

As another posted said, you have to configure using the --with-ssl option. Additionally, the openssl development headers must be installed. If you don't have the SSL headers ./configure, make and make install will run fine and they will install a working siege binary, but it won't be able to handle HTTPS.