23/11/2012 Leave a comment
It is a well known issue that if you have a SharePoint and after you recycle the application pool of site or make an iisreset or any movement that force to recycle (web.config modifications etc.),When the first request send to the server , the response of the server is very slow for the first time like 2 minutes. After this first slow reponse ,your server begins responding very quickly. We are calling this duration as warm up state.
So what’s happening in warm up ? In warm up state basically your worker process are getting up, while a worker process is getting up, the necessary assemblies are compiled and loaded , and needed configuration files are read and prepare the process for serving the requests. If your web site has integrated with other sites in same server also may need to warm up sequence for other worker process and the process of our site can wait other process’s warmup to create a reliable response to you. And expected that all this operations could take some time that is depended on your assembly count, configuration, hardware etc.
But what if it is taking more than usual ? For example assume that you have identical sharepoint site hosting in identical two farm and the warm up times are different like first instace of the site hosted server A have 20-30sec warm up and second instance of the site hosted in Server B it takes 180seconds.. So there should be a problem here.
This problem occurs because a .NET Framework 2.0 managed assembly that has an authenticode signature takes longer than usual to load.when loading signed assemblies the .net Framework 2.0 checks the Internet based Certificate Revocation list for verifing these signatures and the signatures is always verified when the .NET Framework 2.0 managed assembly that has an authenticode signature is loaded .And SharePoint has lots of signed assemblies.For some environment if does not have any Access to internet it causes a delay like 2 minutes to respond .
If you collect a process monitor log from your worker process , you may face the time gap bettween fallowing context.
14:57:39,6298324 w3wp.exe 3648 TCP Reconnect SERVERB.postman.local:63017 -> 80-239-149-10.customer.teliacarrier.com:http SUCCESS Length: 0, seqnum: 0, connid: 0 14:57:46,6170930 w3wp.exe 3648 RegCloseKey HKU\S-1-5-21-220523389-842925246-682003330-29313\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections SUCCESS
0 ntoskrnl.exe CmpCallCallBacks + 0x1c0 0xfffff80001a25fc0 C:\Windows\system32\ntoskrnl.exe
1 ntoskrnl.exe ?? ::NNGAKEGL::`string’ + 0x364df 0xfffff800019c28f6 C:\Windows\system32\ntoskrnl.exe
2 ntoskrnl.exe ObfDereferenceObject + 0xd4 0xfffff8000168a3d4 C:\Windows\system32\ntoskrnl.exe
3 ntoskrnl.exe ObpCloseHandleTableEntry + 0xc4 0xfffff80001973b94 C:\Windows\system32\ntoskrnl.exe
4 ntoskrnl.exe ObpCloseHandle + 0×94 0xfffff80001974144 C:\Windows\system32\ntoskrnl.exe
5 ntoskrnl.exe KiSystemServiceCopyEnd + 0×13 0xfffff80001680453 C:\Windows\system32\ntoskrnl.exe
6 ntdll.dll ZwClose + 0xa 0x7748140a C:\Windows\System32\ntdll.dll
7 kernel32.dll RegCloseKey + 0xbc 0x77324cd0 C:\Windows\System32\kernel32.dll
8 winhttp.dll CRegBlob::~CRegBlob + 0x1c 0x7fef98fb768 C:\Windows\System32\winhttp.dll
9 winhttp.dll ReadWinInetProxySettings + 0x1fb 0x7fef990a9f7 C:\Windows\System32\winhttp.dll
10 winhttp.dll WinHttpGetIEProxyConfigForCurrentUser + 0x28a 0x7fef990a674 C:\Windows\System32\winhttp.dll
11 cryptnet.dll InetGetProxy + 0x11e 0x7fef69eae42 C:\Windows\System32\cryptnet.dll
12 cryptnet.dll InetSendAuthenticatedRequestAndReceiveResponse + 0×190 0x7fef69e9237 C:\Windows\System32\cryptnet.dll
13 cryptnet.dll InetSendReceiveUrlRequest + 0x57e 0x7fef69e983d C:\Windows\System32\cryptnet.dll
14 cryptnet.dll CInetSynchronousRetriever::RetrieveObjectByUrl + 0xc4 0x7fef69e9d9c C:\Windows\System32\cryptnet.dll
15 cryptnet.dll InetRetrieveEncodedObject + 0xbf 0x7fef69e29c5 C:\Windows\System32\cryptnet.dll
16 cryptnet.dll CObjectRetrievalManager::RetrieveObjectByUrl + 0x15c 0x7fef69e2ef0 C:\Windows\System32\cryptnet.dll
17 cryptnet.dll CryptRetrieveObjectByUrlWithTimeoutThreadProc + 0xc1 0x7fef69e9acc C:\Windows\System32\cryptnet.dll
18 kernel32.dll BaseThreadInitThunk + 0xd 0x7732652d C:\Windows\System32\kernel32.dll
19 ntdll.dll RtlUserThreadStart + 0x1d 0x7745c521 C:\Windows\System32\ntdll.dll
This proves that the CRL check causes delay. For a resolution you can disable CRL check on .net level
You can find more detail and how to fix it this problem in following KB Article. http://support.microsoft.com/kb/936707
This hotfix adds the generatePublisherEvidence configuration setting to the .NET Framework 2.0. After you apply this hotfix, you can use this configuration setting to disable signature verification in a .NET Framework 2.0 managed application. You can use this configuration setting in an application configuration file. To do this, add the following code to the <ApplicationName>.exe.config file for the .NET Framework 2.0 managed application:
<configuration> <runtime> <generatePublisherEvidence enabled="false"/> </runtime> </configuration>
If your application is hosted in IIS, change one of the following:
NoteOn x64 machines, you must also change one of the following: