From d96029eeeff64dda74a95aedc32d0fada1aa05d9 Mon Sep 17 00:00:00 2001
From: Dmitrii Korolev <dmkorolev@microsoft.com>
Date: Mon, 31 Mar 2025 14:37:41 +0200
Subject: [PATCH 01/32] try nginx

---
 scenarios/tls.benchmarks.yml                  | 26 +++++++++++++++
 src/BenchmarksApps/TLS/Nginx/Dockerfile       | 16 ++++++++++
 src/BenchmarksApps/TLS/Nginx/config/cert.pem  | 23 +++++++++++++
 src/BenchmarksApps/TLS/Nginx/config/key.pem   | 28 ++++++++++++++++
 .../TLS/Nginx/config/nginx.conf               | 32 +++++++++++++++++++
 src/BenchmarksApps/TLS/Nginx/invoke.ps1       |  1 +
 src/BenchmarksApps/TLS/Nginx/start-nginx.sh   |  6 ++++
 7 files changed, 132 insertions(+)
 create mode 100644 src/BenchmarksApps/TLS/Nginx/Dockerfile
 create mode 100644 src/BenchmarksApps/TLS/Nginx/config/cert.pem
 create mode 100644 src/BenchmarksApps/TLS/Nginx/config/key.pem
 create mode 100644 src/BenchmarksApps/TLS/Nginx/config/nginx.conf
 create mode 100644 src/BenchmarksApps/TLS/Nginx/invoke.ps1
 create mode 100644 src/BenchmarksApps/TLS/Nginx/start-nginx.sh

diff --git a/scenarios/tls.benchmarks.yml b/scenarios/tls.benchmarks.yml
index 8e7f50e20..6a68ad549 100644
--- a/scenarios/tls.benchmarks.yml
+++ b/scenarios/tls.benchmarks.yml
@@ -58,6 +58,19 @@ jobs:
       certValidationConsoleEnabled: false
       statsEnabled: false  
 
+  dockerLinuxNginxServer:
+    sources:
+      dockerNginx:
+        repository: https://github.com/aspnet/benchmarks.git
+        branchOrCommit: main
+    dockerFile: dockerNginx/src/BenchmarksApps/TLS/Nginx/Dockerfile
+    dockerImageName: dockerNginx
+    dockerContextDirectory: dockerNginx/src/BenchmarksApps/TLS/Nginx
+    port: 8080
+    readyStateText: Application started.
+    environmentVariables:
+      urls: "https://*:8080" # any ip, port 8080
+
 scenarios:
 
 # HTTP.SYS
@@ -221,6 +234,19 @@ scenarios:
       job: dockerLinuxKestrelServer
       # openssl version is already pre-installed with base image (latest)
       dockerFile: dockerKestrel/src/BenchmarksApps/TLS/Kestrel/Dockerfile.azurelinux
+    load:
+      job: httpclient
+      variables:
+        path: /hello-world
+        serverPort: 8080
+        presetHeaders: connectionclose
+        connections: 32
+        serverScheme: https
+        sslProtocol: tls12
+
+  tls-handshakes-docker-nginx:
+    application:
+      job: dockerLinuxNginxServer
     load:
       job: httpclient
       variables:
diff --git a/src/BenchmarksApps/TLS/Nginx/Dockerfile b/src/BenchmarksApps/TLS/Nginx/Dockerfile
new file mode 100644
index 000000000..c9a17a830
--- /dev/null
+++ b/src/BenchmarksApps/TLS/Nginx/Dockerfile
@@ -0,0 +1,16 @@
+FROM nginx:latest
+
+# Copy configuration and SSL certificates
+COPY config/nginx.conf /etc/nginx/nginx.conf
+COPY config/cert.pem /etc/nginx/certs/cert.pem
+COPY config/key.pem /etc/nginx/certs/key.pem
+COPY start-nginx.sh /start-nginx.sh
+
+# Make the script executable
+RUN chmod +x /start-nginx.sh
+
+# Expose port 8080 for HTTPS traffic
+EXPOSE 8080
+
+# Run the startup script
+CMD ["/start-nginx.sh"]
\ No newline at end of file
diff --git a/src/BenchmarksApps/TLS/Nginx/config/cert.pem b/src/BenchmarksApps/TLS/Nginx/config/cert.pem
new file mode 100644
index 000000000..53420fb0c
--- /dev/null
+++ b/src/BenchmarksApps/TLS/Nginx/config/cert.pem
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIID4zCCAsugAwIBAgIUXZ/RatnLCGSyEQYJj/ctBqp2uwYwDQYJKoZIhvcNAQEL
+BQAwgYAxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdSZWRtb25kMRAwDgYDVQQHDAdS
+ZWRtb25kMQswCQYDVQQKDAJNUzELMAkGA1UECwwCTVMxCzAJBgNVBAMMAk1TMSYw
+JAYJKoZIhvcNAQkBFhdtaWNyb3NvZnRAbWljcm9zb2Z0LmNvbTAeFw0yNTAzMzEx
+MjIwMjNaFw0yNjAzMzExMjIwMjNaMIGAMQswCQYDVQQGEwJVUzEQMA4GA1UECAwH
+UmVkbW9uZDEQMA4GA1UEBwwHUmVkbW9uZDELMAkGA1UECgwCTVMxCzAJBgNVBAsM
+Ak1TMQswCQYDVQQDDAJNUzEmMCQGCSqGSIb3DQEJARYXbWljcm9zb2Z0QG1pY3Jv
+c29mdC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeEyMK3LRh
+Y1cvCx+UkFmrnjGTlEoBTX5QEB+nYC//ZGi1dxftWPzrE6uEo8YQZXGaQw1Nhoxc
+KL7MWDfTY1J+0XJrrCzdrjEjHrZqYxDmIipjskPy/T659/3tRw4vCyaursBZu+i0
+djylq+EduKzU+P9VBaexpqpt0Wy5eDebTEWj+2+HAJab4iRY/NwhCq5/M+ULZvPr
+aE0jZDknkv7FOmLRB1Hr5UIMqH4+AnldV7Y0eEysY08Bd7eulYI0qSpphekpMdQ/
+6FPP1Qxop8+nrjd9Dq3GhsdueFOLRD3rh6ahfZ40fScJtM21iI9xRk2N93nyEnDB
+RvvfmhemeprTAgMBAAGjUzBRMB0GA1UdDgQWBBT/SqxDOGjMBxQIDeOGZqUDPmmr
+XTAfBgNVHSMEGDAWgBT/SqxDOGjMBxQIDeOGZqUDPmmrXTAPBgNVHRMBAf8EBTAD
+AQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBPbCDT2dGIPO/0Cns1KtwECbd8FVYFhL2F
+4j9JW/BUTb4eEFX2U4HAmR+6+52em/S92q5aI7D2NiQIKPBpZQT66QW9QkB8iQM5
+Gq2UVcONVDYSaqGtuPzc9LijeMcJUB+YpArGoBypZfylvf9ksPEfYstR6Nx/3Pmt
+xSJfpsss6ddH7WStaRgH5yhZYZYy0coduzX5rZOkoq1C8aImlhjZHmycNCFi28Sx
+bIwu+MmK1pR6Wuj7DskHAXFPHAJx/WhX87XQBO8aUL1UCvsbRKL7LfnQxKur1NNo
+JpHk99O9VVpDW/P1ZE7IdPLFKlE2qyskr94hWGElpiFuCkC+lkOM
+-----END CERTIFICATE-----
diff --git a/src/BenchmarksApps/TLS/Nginx/config/key.pem b/src/BenchmarksApps/TLS/Nginx/config/key.pem
new file mode 100644
index 000000000..3d9a00bda
--- /dev/null
+++ b/src/BenchmarksApps/TLS/Nginx/config/key.pem
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCeEyMK3LRhY1cv
+Cx+UkFmrnjGTlEoBTX5QEB+nYC//ZGi1dxftWPzrE6uEo8YQZXGaQw1NhoxcKL7M
+WDfTY1J+0XJrrCzdrjEjHrZqYxDmIipjskPy/T659/3tRw4vCyaursBZu+i0djyl
+q+EduKzU+P9VBaexpqpt0Wy5eDebTEWj+2+HAJab4iRY/NwhCq5/M+ULZvPraE0j
+ZDknkv7FOmLRB1Hr5UIMqH4+AnldV7Y0eEysY08Bd7eulYI0qSpphekpMdQ/6FPP
+1Qxop8+nrjd9Dq3GhsdueFOLRD3rh6ahfZ40fScJtM21iI9xRk2N93nyEnDBRvvf
+mhemeprTAgMBAAECggEAHNcW/KNZ0a7jODUKVPulMJeTKf7TJbuywP7AF7SH7Uuv
+gvQwjGBA/M7A61lKCLHJcUCsi6lxsFrKvNOXk9y6L2MdQiHOqb9fPa4bz/s1GRfA
+riHXHd0wdZOWY5UkNFcPfq1pcLXE9i/gTsW2M8r+1Xh8dVGrz9C9pX2hHZGea5nM
+YRybhdpsqF0ul2jRy/KL6MRtyBJ0tQK7xhxUBpj4bbEFlU2DwSVkjxNcXHsF+/S8
+fIsLNwX4XZyjw8FDITe8OeVSQSV2E5LbXAz1MMFWqdWRNhfOHeQB+HuvpT83P316
+XUgOt1m3fLE/bbr+7uV1ixunJleskNMaQfmiskAQkQKBgQDRI8Nb+sStQRoPNsZW
+iuXH9Y/OopPv2zlKRBsktG/uixZAtIYbTxnqqLatARht3kBk7SiRWvnGHDdPi5xM
+8HdsNr8naadphzn6WD1DdFTxyJmCn/zYMh6jUTeQGQ1zitOpZajXhcJYqeD/bvxM
+mPd/Vm6aUpdkpwIaPHmfz3hcSQKBgQDBfkrcXT12ql29YfEgnyaCZWhtaMFFi+yf
+jedXDto0VOpc8HDVWpddNDOvzIDTcgP5iMApPFy5JCz1WU/FeWazsaQBTfzkQ/nt
+q2YAXqf2ckqdtITHxtih6MNMPIVE6e0M00xZ7qEjk9wGTl/4jevA0tFMV+OjKUjc
+paJTvramOwKBgElQXiWaTOPnVHlM3E5uNorYPGdVesK0eOrd4R4G2s4ml9Bq+DAO
+lKk8J32SSrwJE03ODVCXMcQPFBygdlRKX7LhpjTsxrEppFtsH13MJBL2HUo7R2mK
+eE8MI4wyHBMK8ZQKfRvAWha2xpcEkxFO9kP/SppypXu1R/lmhcRN+IVxAoGANChZ
+AaHYqZ4u+pfmKcb82HWBesycHKUlObVEwQDt7OFe84KUx85NswAZVrAnodfAHomw
+Uu1EiVupCtHyYObiulmOPhPJsbZpLpnfOwZI/HO+jVhV2oxNZQebbXd67SKplaV3
+lV5v7Wk0DDcgQ53uCOJLLOscH6VHUMMNSMnF7nUCgYA/8L38d5OcuEAOVno4E0C8
+r1USD1d+ZT5mJtbROpVXleIj/aoDdKKfLI0abBS47m7QEau8oKqAg1+5T4c8neR8
+FIcWQTg50rqO8dx7I05gQU5KamdFK3jpM4MBzrH0UK7PUeZ0L72okCYdhLMK3b20
+bvbOPOA68ZvvEDn9VA9Pkw==
+-----END PRIVATE KEY-----
diff --git a/src/BenchmarksApps/TLS/Nginx/config/nginx.conf b/src/BenchmarksApps/TLS/Nginx/config/nginx.conf
new file mode 100644
index 000000000..8b95b5305
--- /dev/null
+++ b/src/BenchmarksApps/TLS/Nginx/config/nginx.conf
@@ -0,0 +1,32 @@
+events {}
+
+http {
+    # to log SSL context around request
+    log_format ssl_logs '$remote_addr - $remote_user [$time_local] "$request" '
+                        '$status $body_bytes_sent "$http_referer" '
+                        '"$http_user_agent" "$http_x_forwarded_for" '
+                        '[$ssl_protocol] [$ssl_cipher]';
+
+    access_log /var/log/nginx/access.log ssl_logs;
+
+    server {
+        listen 8080 ssl;
+        listen [::]:8080 ssl;
+        server_name YOUR_IP;
+
+        ssl_certificate /etc/nginx/certs/cert.pem;
+        ssl_certificate_key /etc/nginx/certs/key.pem;
+
+        # returns default nginx page
+        location / {
+            root /usr/share/nginx/html;
+            index index.html;
+        }
+
+        # returns plain text response
+        location /hello-world {
+            return 200 'Hello World!';
+            add_header Content-Type text/plain;
+        }
+    }
+}
\ No newline at end of file
diff --git a/src/BenchmarksApps/TLS/Nginx/invoke.ps1 b/src/BenchmarksApps/TLS/Nginx/invoke.ps1
new file mode 100644
index 000000000..75ae8bdb8
--- /dev/null
+++ b/src/BenchmarksApps/TLS/Nginx/invoke.ps1
@@ -0,0 +1 @@
+curl -v https://127.0.0.1:8080 --insecure
\ No newline at end of file
diff --git a/src/BenchmarksApps/TLS/Nginx/start-nginx.sh b/src/BenchmarksApps/TLS/Nginx/start-nginx.sh
new file mode 100644
index 000000000..52cbc3e2d
--- /dev/null
+++ b/src/BenchmarksApps/TLS/Nginx/start-nginx.sh
@@ -0,0 +1,6 @@
+#!/bin/bash
+# Log the application start to stdout
+echo "$(date) - Application started."
+
+# Start Nginx
+nginx -g "daemon off;"
\ No newline at end of file

From 7a3c5f5b5a77e606e4249369a0fc52843d0ca473 Mon Sep 17 00:00:00 2001
From: Dmitrii Korolev <dmkorolev@microsoft.com>
Date: Mon, 31 Mar 2025 15:54:58 +0200
Subject: [PATCH 02/32] logging

---
 src/BenchmarksApps/TLS/Nginx/Dockerfile        | 6 ++++++
 src/BenchmarksApps/TLS/Nginx/config/nginx.conf | 2 +-
 src/BenchmarksApps/TLS/Nginx/start-nginx.sh    | 8 +++-----
 3 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/src/BenchmarksApps/TLS/Nginx/Dockerfile b/src/BenchmarksApps/TLS/Nginx/Dockerfile
index c9a17a830..d7150f7e9 100644
--- a/src/BenchmarksApps/TLS/Nginx/Dockerfile
+++ b/src/BenchmarksApps/TLS/Nginx/Dockerfile
@@ -1,5 +1,11 @@
 FROM nginx:latest
 
+# Define build argument
+ARG SSL_LOGGING_ENABLED=false
+
+# Set environment variable from ARG
+ENV SSL_LOGGING_ENABLED=${SSL_LOGGING_ENABLED}
+
 # Copy configuration and SSL certificates
 COPY config/nginx.conf /etc/nginx/nginx.conf
 COPY config/cert.pem /etc/nginx/certs/cert.pem
diff --git a/src/BenchmarksApps/TLS/Nginx/config/nginx.conf b/src/BenchmarksApps/TLS/Nginx/config/nginx.conf
index 8b95b5305..39e84d951 100644
--- a/src/BenchmarksApps/TLS/Nginx/config/nginx.conf
+++ b/src/BenchmarksApps/TLS/Nginx/config/nginx.conf
@@ -7,7 +7,7 @@ http {
                         '"$http_user_agent" "$http_x_forwarded_for" '
                         '[$ssl_protocol] [$ssl_cipher]';
 
-    access_log /var/log/nginx/access.log ssl_logs;
+    access_log /var/log/nginx/access.log ssl_logs if=$SSL_LOGGING_ENABLED;
 
     server {
         listen 8080 ssl;
diff --git a/src/BenchmarksApps/TLS/Nginx/start-nginx.sh b/src/BenchmarksApps/TLS/Nginx/start-nginx.sh
index 52cbc3e2d..aa90d2170 100644
--- a/src/BenchmarksApps/TLS/Nginx/start-nginx.sh
+++ b/src/BenchmarksApps/TLS/Nginx/start-nginx.sh
@@ -1,6 +1,4 @@
 #!/bin/bash
-# Log the application start to stdout
-echo "$(date) - Application started."
-
-# Start Nginx
-nginx -g "daemon off;"
\ No newline at end of file
+export SSL_LOGGING_ENABLED=${SSL_LOGGING_ENABLED}
+echo "$(date) - Application started. Logging: $LOGGING"
+nginx -g "daemon off;" # start nginx
\ No newline at end of file

From 15a55efaf2bac468dfbcf5aa69e7e55a3bed88f5 Mon Sep 17 00:00:00 2001
From: Dmitrii Korolev <dmkorolev@microsoft.com>
Date: Mon, 31 Mar 2025 15:55:29 +0200
Subject: [PATCH 03/32] add to scenario config

---
 scenarios/tls.benchmarks.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/scenarios/tls.benchmarks.yml b/scenarios/tls.benchmarks.yml
index 6a68ad549..5e18d00b9 100644
--- a/scenarios/tls.benchmarks.yml
+++ b/scenarios/tls.benchmarks.yml
@@ -247,6 +247,8 @@ scenarios:
   tls-handshakes-docker-nginx:
     application:
       job: dockerLinuxNginxServer
+      buildArguments:
+        - SSL_LOGGING_ENABLED=false
     load:
       job: httpclient
       variables:

From f1b6034ed1225f2036dcb585f3cf57e85c955612 Mon Sep 17 00:00:00 2001
From: Dmitrii Korolev <dmkorolev@microsoft.com>
Date: Mon, 31 Mar 2025 15:59:28 +0200
Subject: [PATCH 04/32] try copilot advice

---
 src/BenchmarksApps/TLS/Nginx/Dockerfile        | 4 ++--
 src/BenchmarksApps/TLS/Nginx/config/nginx.conf | 3 ++-
 src/BenchmarksApps/TLS/Nginx/start-nginx.sh    | 8 +++++++-
 3 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/src/BenchmarksApps/TLS/Nginx/Dockerfile b/src/BenchmarksApps/TLS/Nginx/Dockerfile
index d7150f7e9..9be5be5b5 100644
--- a/src/BenchmarksApps/TLS/Nginx/Dockerfile
+++ b/src/BenchmarksApps/TLS/Nginx/Dockerfile
@@ -1,9 +1,9 @@
 FROM nginx:latest
 
-# Define build argument
+# Define the ARG variable
 ARG SSL_LOGGING_ENABLED=false
 
-# Set environment variable from ARG
+# Set the ENV variable based on the ARG variable
 ENV SSL_LOGGING_ENABLED=${SSL_LOGGING_ENABLED}
 
 # Copy configuration and SSL certificates
diff --git a/src/BenchmarksApps/TLS/Nginx/config/nginx.conf b/src/BenchmarksApps/TLS/Nginx/config/nginx.conf
index 39e84d951..e47cedd5d 100644
--- a/src/BenchmarksApps/TLS/Nginx/config/nginx.conf
+++ b/src/BenchmarksApps/TLS/Nginx/config/nginx.conf
@@ -7,7 +7,8 @@ http {
                         '"$http_user_agent" "$http_x_forwarded_for" '
                         '[$ssl_protocol] [$ssl_cipher]';
 
-    access_log /var/log/nginx/access.log ssl_logs if=$SSL_LOGGING_ENABLED;
+    # uncomment to get logs about TLS
+    access_log /var/log/nginx/access.log ssl_logs {{SSL_LOGGING_ENABLED}};
 
     server {
         listen 8080 ssl;
diff --git a/src/BenchmarksApps/TLS/Nginx/start-nginx.sh b/src/BenchmarksApps/TLS/Nginx/start-nginx.sh
index aa90d2170..3863f1cef 100644
--- a/src/BenchmarksApps/TLS/Nginx/start-nginx.sh
+++ b/src/BenchmarksApps/TLS/Nginx/start-nginx.sh
@@ -1,4 +1,10 @@
 #!/bin/bash
-export SSL_LOGGING_ENABLED=${SSL_LOGGING_ENABLED}
+# Replace the placeholder in the nginx.conf.template with the actual value of SSL_LOGGING_ENABLED
+if [ "$SSL_LOGGING_ENABLED" = "true" ]; then
+    sed 's|{{SSL_LOGGING_ENABLED}}|if=$SSL_LOGGING_ENABLED|g' /etc/nginx/nginx.conf.template > /etc/nginx/nginx.conf
+else
+    sed 's|{{SSL_LOGGING_ENABLED}}||g' /etc/nginx/nginx.conf.template > /etc/nginx/nginx.conf
+fi
+
 echo "$(date) - Application started. Logging: $LOGGING"
 nginx -g "daemon off;" # start nginx
\ No newline at end of file

From 844a869f67595e2e13202409f3d782d91005fce0 Mon Sep 17 00:00:00 2001
From: Dmitrii Korolev <dmkorolev@microsoft.com>
Date: Mon, 31 Mar 2025 16:02:42 +0200
Subject: [PATCH 05/32] disable tmp

---
 scenarios/tls.benchmarks.yml                   | 4 ++--
 src/BenchmarksApps/TLS/Nginx/config/nginx.conf | 3 +--
 src/BenchmarksApps/TLS/Nginx/start-nginx.sh    | 7 -------
 3 files changed, 3 insertions(+), 11 deletions(-)

diff --git a/scenarios/tls.benchmarks.yml b/scenarios/tls.benchmarks.yml
index 5e18d00b9..090f8571d 100644
--- a/scenarios/tls.benchmarks.yml
+++ b/scenarios/tls.benchmarks.yml
@@ -247,8 +247,8 @@ scenarios:
   tls-handshakes-docker-nginx:
     application:
       job: dockerLinuxNginxServer
-      buildArguments:
-        - SSL_LOGGING_ENABLED=false
+      # buildArguments:
+      # - SSL_LOGGING_ENABLED=false
     load:
       job: httpclient
       variables:
diff --git a/src/BenchmarksApps/TLS/Nginx/config/nginx.conf b/src/BenchmarksApps/TLS/Nginx/config/nginx.conf
index e47cedd5d..f7270003f 100644
--- a/src/BenchmarksApps/TLS/Nginx/config/nginx.conf
+++ b/src/BenchmarksApps/TLS/Nginx/config/nginx.conf
@@ -7,8 +7,7 @@ http {
                         '"$http_user_agent" "$http_x_forwarded_for" '
                         '[$ssl_protocol] [$ssl_cipher]';
 
-    # uncomment to get logs about TLS
-    access_log /var/log/nginx/access.log ssl_logs {{SSL_LOGGING_ENABLED}};
+    # access_log /var/log/nginx/access.log ssl_logs;
 
     server {
         listen 8080 ssl;
diff --git a/src/BenchmarksApps/TLS/Nginx/start-nginx.sh b/src/BenchmarksApps/TLS/Nginx/start-nginx.sh
index 3863f1cef..053cccaa7 100644
--- a/src/BenchmarksApps/TLS/Nginx/start-nginx.sh
+++ b/src/BenchmarksApps/TLS/Nginx/start-nginx.sh
@@ -1,10 +1,3 @@
 #!/bin/bash
-# Replace the placeholder in the nginx.conf.template with the actual value of SSL_LOGGING_ENABLED
-if [ "$SSL_LOGGING_ENABLED" = "true" ]; then
-    sed 's|{{SSL_LOGGING_ENABLED}}|if=$SSL_LOGGING_ENABLED|g' /etc/nginx/nginx.conf.template > /etc/nginx/nginx.conf
-else
-    sed 's|{{SSL_LOGGING_ENABLED}}||g' /etc/nginx/nginx.conf.template > /etc/nginx/nginx.conf
-fi
-
 echo "$(date) - Application started. Logging: $LOGGING"
 nginx -g "daemon off;" # start nginx
\ No newline at end of file

From 5c58b9463f88d06d6b7c1629c7dc7f22e3512cb3 Mon Sep 17 00:00:00 2001
From: Dmitrii Korolev <dmkorolev@microsoft.com>
Date: Mon, 31 Mar 2025 16:09:51 +0200
Subject: [PATCH 06/32] add wrk config

---
 scenarios/tls.benchmarks.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/scenarios/tls.benchmarks.yml b/scenarios/tls.benchmarks.yml
index 090f8571d..901a48e71 100644
--- a/scenarios/tls.benchmarks.yml
+++ b/scenarios/tls.benchmarks.yml
@@ -1,6 +1,7 @@
 imports:
   - https://raw.githubusercontent.com/dotnet/crank/main/src/Microsoft.Crank.Jobs.Bombardier/bombardier.yml
   - https://raw.githubusercontent.com/dotnet/crank/main/src/Microsoft.Crank.Jobs.HttpClient/httpclient.yml
+  - https://github.com/dotnet/crank/blob/main/src/Microsoft.Crank.Jobs.Wrk/wrk.yml?raw=true
   - https://github.com/aspnet/Benchmarks/blob/main/scenarios/aspnet.profiles.yml?raw=true
   - https://github.com/aspnet/Benchmarks/blob/main/build/azure.profile.yml?raw=true
 

From 56064106d9c0a5fb0f01a37a5e81aeaccee8a0ba Mon Sep 17 00:00:00 2001
From: Dmitrii Korolev <dmkorolev@microsoft.com>
Date: Mon, 31 Mar 2025 16:12:07 +0200
Subject: [PATCH 07/32] try wrk?

---
 scenarios/tls.benchmarks.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/scenarios/tls.benchmarks.yml b/scenarios/tls.benchmarks.yml
index 901a48e71..032e80ad9 100644
--- a/scenarios/tls.benchmarks.yml
+++ b/scenarios/tls.benchmarks.yml
@@ -251,11 +251,11 @@ scenarios:
       # buildArguments:
       # - SSL_LOGGING_ENABLED=false
     load:
-      job: httpclient
+      job: wrk
       variables:
         path: /hello-world
         serverPort: 8080
         presetHeaders: connectionclose
         connections: 32
         serverScheme: https
-        sslProtocol: tls12
\ No newline at end of file
+        # sslProtocol: tls12
\ No newline at end of file

From 48a7b5409445d1128164e3e0b44799237d842379 Mon Sep 17 00:00:00 2001
From: Dmitrii Korolev <dmkorolev@microsoft.com>
Date: Mon, 31 Mar 2025 16:13:51 +0200
Subject: [PATCH 08/32] add log for ssl again + httpclient

---
 scenarios/tls.benchmarks.yml                   | 4 ++--
 src/BenchmarksApps/TLS/Nginx/config/nginx.conf | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/scenarios/tls.benchmarks.yml b/scenarios/tls.benchmarks.yml
index 032e80ad9..901a48e71 100644
--- a/scenarios/tls.benchmarks.yml
+++ b/scenarios/tls.benchmarks.yml
@@ -251,11 +251,11 @@ scenarios:
       # buildArguments:
       # - SSL_LOGGING_ENABLED=false
     load:
-      job: wrk
+      job: httpclient
       variables:
         path: /hello-world
         serverPort: 8080
         presetHeaders: connectionclose
         connections: 32
         serverScheme: https
-        # sslProtocol: tls12
\ No newline at end of file
+        sslProtocol: tls12
\ No newline at end of file
diff --git a/src/BenchmarksApps/TLS/Nginx/config/nginx.conf b/src/BenchmarksApps/TLS/Nginx/config/nginx.conf
index f7270003f..8b95b5305 100644
--- a/src/BenchmarksApps/TLS/Nginx/config/nginx.conf
+++ b/src/BenchmarksApps/TLS/Nginx/config/nginx.conf
@@ -7,7 +7,7 @@ http {
                         '"$http_user_agent" "$http_x_forwarded_for" '
                         '[$ssl_protocol] [$ssl_cipher]';
 
-    # access_log /var/log/nginx/access.log ssl_logs;
+    access_log /var/log/nginx/access.log ssl_logs;
 
     server {
         listen 8080 ssl;

From ac6b54da0aa045c2e8770b8ecad4b48d82e20283 Mon Sep 17 00:00:00 2001
From: Dmitrii Korolev <dmkorolev@microsoft.com>
Date: Mon, 31 Mar 2025 16:15:41 +0200
Subject: [PATCH 09/32] remove logging

---
 src/BenchmarksApps/TLS/Nginx/config/nginx.conf | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/src/BenchmarksApps/TLS/Nginx/config/nginx.conf b/src/BenchmarksApps/TLS/Nginx/config/nginx.conf
index 8b95b5305..c9ca68963 100644
--- a/src/BenchmarksApps/TLS/Nginx/config/nginx.conf
+++ b/src/BenchmarksApps/TLS/Nginx/config/nginx.conf
@@ -1,13 +1,14 @@
 events {}
 
 http {
-    # to log SSL context around request
-    log_format ssl_logs '$remote_addr - $remote_user [$time_local] "$request" '
-                        '$status $body_bytes_sent "$http_referer" '
-                        '"$http_user_agent" "$http_x_forwarded_for" '
-                        '[$ssl_protocol] [$ssl_cipher]';
+    # uncomment the following to enable SSL data logging (protocol + cipher)
 
-    access_log /var/log/nginx/access.log ssl_logs;
+    # log_format ssl_logs '$remote_addr - $remote_user [$time_local] "$request" '
+    #                     '$status $body_bytes_sent "$http_referer" '
+    #                     '"$http_user_agent" "$http_x_forwarded_for" '
+    #                     '[$ssl_protocol] [$ssl_cipher]';
+
+    # access_log /var/log/nginx/access.log ssl_logs;
 
     server {
         listen 8080 ssl;

From 0ae41090d67b5361c7d4fac0deae290989be5326 Mon Sep 17 00:00:00 2001
From: Dmitrii Korolev <dmkorolev@microsoft.com>
Date: Mon, 31 Mar 2025 16:44:25 +0200
Subject: [PATCH 10/32] log off?

---
 src/BenchmarksApps/TLS/Nginx/config/nginx.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/BenchmarksApps/TLS/Nginx/config/nginx.conf b/src/BenchmarksApps/TLS/Nginx/config/nginx.conf
index c9ca68963..a093b99f2 100644
--- a/src/BenchmarksApps/TLS/Nginx/config/nginx.conf
+++ b/src/BenchmarksApps/TLS/Nginx/config/nginx.conf
@@ -9,6 +9,7 @@ http {
     #                     '[$ssl_protocol] [$ssl_cipher]';
 
     # access_log /var/log/nginx/access.log ssl_logs;
+    access_log off;
 
     server {
         listen 8080 ssl;

From 42fdefac11c7ea0c5936b5c6c0548fde4d9f2d44 Mon Sep 17 00:00:00 2001
From: Dmitrii Korolev <dmkorolev@microsoft.com>
Date: Mon, 31 Mar 2025 18:04:06 +0200
Subject: [PATCH 11/32] disable resumption?

---
 src/BenchmarksApps/TLS/Nginx/config/nginx.conf | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/BenchmarksApps/TLS/Nginx/config/nginx.conf b/src/BenchmarksApps/TLS/Nginx/config/nginx.conf
index a093b99f2..f9d487751 100644
--- a/src/BenchmarksApps/TLS/Nginx/config/nginx.conf
+++ b/src/BenchmarksApps/TLS/Nginx/config/nginx.conf
@@ -19,6 +19,10 @@ http {
         ssl_certificate /etc/nginx/certs/cert.pem;
         ssl_certificate_key /etc/nginx/certs/key.pem;
 
+        # Disable TLS session resumption
+        ssl_session_cache off;
+        ssl_session_tickets off;
+
         # returns default nginx page
         location / {
             root /usr/share/nginx/html;

From fb2f00de1475f8c63653d68eaff47beea0591a6c Mon Sep 17 00:00:00 2001
From: Dmitrii Korolev <dmkorolev@microsoft.com>
Date: Mon, 31 Mar 2025 18:55:58 +0200
Subject: [PATCH 12/32] wroker processes 4

---
 src/BenchmarksApps/TLS/Nginx/config/nginx.conf | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/BenchmarksApps/TLS/Nginx/config/nginx.conf b/src/BenchmarksApps/TLS/Nginx/config/nginx.conf
index f9d487751..cbd1d09f0 100644
--- a/src/BenchmarksApps/TLS/Nginx/config/nginx.conf
+++ b/src/BenchmarksApps/TLS/Nginx/config/nginx.conf
@@ -1,4 +1,9 @@
-events {}
+worker_processes 4;
+
+events {
+    worker_connections 1024;
+}
+
 
 http {
     # uncomment the following to enable SSL data logging (protocol + cipher)

From 8aa3911ad95368fa864109be2c9bb62cf52b7a31 Mon Sep 17 00:00:00 2001
From: Dmitrii Korolev <dmkorolev@microsoft.com>
Date: Mon, 31 Mar 2025 18:58:22 +0200
Subject: [PATCH 13/32] affinity

---
 src/BenchmarksApps/TLS/Nginx/config/nginx.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/BenchmarksApps/TLS/Nginx/config/nginx.conf b/src/BenchmarksApps/TLS/Nginx/config/nginx.conf
index cbd1d09f0..059ca69fe 100644
--- a/src/BenchmarksApps/TLS/Nginx/config/nginx.conf
+++ b/src/BenchmarksApps/TLS/Nginx/config/nginx.conf
@@ -1,4 +1,5 @@
 worker_processes 4;
+worker_cpu_affinity 0001 0010 0100 1000;
 
 events {
     worker_connections 1024;

From 101dacc89d81f9f38514d6f3b08fa94b1c1f58b0 Mon Sep 17 00:00:00 2001
From: Dmitrii Korolev <dmkorolev@microsoft.com>
Date: Tue, 1 Apr 2025 13:43:52 +0200
Subject: [PATCH 14/32] try with other cert

---
 .../TLS/Nginx/config/cert-openssl.pem         | 23 ++++++
 src/BenchmarksApps/TLS/Nginx/config/cert.pem  | 54 ++++++++-----
 .../TLS/Nginx/config/key-openssl.pem          | 28 +++++++
 src/BenchmarksApps/TLS/Nginx/config/key.pem   | 79 +++++++++++++------
 4 files changed, 137 insertions(+), 47 deletions(-)
 create mode 100644 src/BenchmarksApps/TLS/Nginx/config/cert-openssl.pem
 create mode 100644 src/BenchmarksApps/TLS/Nginx/config/key-openssl.pem

diff --git a/src/BenchmarksApps/TLS/Nginx/config/cert-openssl.pem b/src/BenchmarksApps/TLS/Nginx/config/cert-openssl.pem
new file mode 100644
index 000000000..53420fb0c
--- /dev/null
+++ b/src/BenchmarksApps/TLS/Nginx/config/cert-openssl.pem
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIID4zCCAsugAwIBAgIUXZ/RatnLCGSyEQYJj/ctBqp2uwYwDQYJKoZIhvcNAQEL
+BQAwgYAxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdSZWRtb25kMRAwDgYDVQQHDAdS
+ZWRtb25kMQswCQYDVQQKDAJNUzELMAkGA1UECwwCTVMxCzAJBgNVBAMMAk1TMSYw
+JAYJKoZIhvcNAQkBFhdtaWNyb3NvZnRAbWljcm9zb2Z0LmNvbTAeFw0yNTAzMzEx
+MjIwMjNaFw0yNjAzMzExMjIwMjNaMIGAMQswCQYDVQQGEwJVUzEQMA4GA1UECAwH
+UmVkbW9uZDEQMA4GA1UEBwwHUmVkbW9uZDELMAkGA1UECgwCTVMxCzAJBgNVBAsM
+Ak1TMQswCQYDVQQDDAJNUzEmMCQGCSqGSIb3DQEJARYXbWljcm9zb2Z0QG1pY3Jv
+c29mdC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeEyMK3LRh
+Y1cvCx+UkFmrnjGTlEoBTX5QEB+nYC//ZGi1dxftWPzrE6uEo8YQZXGaQw1Nhoxc
+KL7MWDfTY1J+0XJrrCzdrjEjHrZqYxDmIipjskPy/T659/3tRw4vCyaursBZu+i0
+djylq+EduKzU+P9VBaexpqpt0Wy5eDebTEWj+2+HAJab4iRY/NwhCq5/M+ULZvPr
+aE0jZDknkv7FOmLRB1Hr5UIMqH4+AnldV7Y0eEysY08Bd7eulYI0qSpphekpMdQ/
+6FPP1Qxop8+nrjd9Dq3GhsdueFOLRD3rh6ahfZ40fScJtM21iI9xRk2N93nyEnDB
+RvvfmhemeprTAgMBAAGjUzBRMB0GA1UdDgQWBBT/SqxDOGjMBxQIDeOGZqUDPmmr
+XTAfBgNVHSMEGDAWgBT/SqxDOGjMBxQIDeOGZqUDPmmrXTAPBgNVHRMBAf8EBTAD
+AQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBPbCDT2dGIPO/0Cns1KtwECbd8FVYFhL2F
+4j9JW/BUTb4eEFX2U4HAmR+6+52em/S92q5aI7D2NiQIKPBpZQT66QW9QkB8iQM5
+Gq2UVcONVDYSaqGtuPzc9LijeMcJUB+YpArGoBypZfylvf9ksPEfYstR6Nx/3Pmt
+xSJfpsss6ddH7WStaRgH5yhZYZYy0coduzX5rZOkoq1C8aImlhjZHmycNCFi28Sx
+bIwu+MmK1pR6Wuj7DskHAXFPHAJx/WhX87XQBO8aUL1UCvsbRKL7LfnQxKur1NNo
+JpHk99O9VVpDW/P1ZE7IdPLFKlE2qyskr94hWGElpiFuCkC+lkOM
+-----END CERTIFICATE-----
diff --git a/src/BenchmarksApps/TLS/Nginx/config/cert.pem b/src/BenchmarksApps/TLS/Nginx/config/cert.pem
index 53420fb0c..19fb060b4 100644
--- a/src/BenchmarksApps/TLS/Nginx/config/cert.pem
+++ b/src/BenchmarksApps/TLS/Nginx/config/cert.pem
@@ -1,23 +1,35 @@
+Bag Attributes
+    localKeyID: 6A 28 3F AA A7 FF FC 12 9D F2 4C C0 E7 52 11 86 C7 92 62 19 
+subject=CN = localhost
+
+issuer=CN = localhost
+
 -----BEGIN CERTIFICATE-----
-MIID4zCCAsugAwIBAgIUXZ/RatnLCGSyEQYJj/ctBqp2uwYwDQYJKoZIhvcNAQEL
-BQAwgYAxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdSZWRtb25kMRAwDgYDVQQHDAdS
-ZWRtb25kMQswCQYDVQQKDAJNUzELMAkGA1UECwwCTVMxCzAJBgNVBAMMAk1TMSYw
-JAYJKoZIhvcNAQkBFhdtaWNyb3NvZnRAbWljcm9zb2Z0LmNvbTAeFw0yNTAzMzEx
-MjIwMjNaFw0yNjAzMzExMjIwMjNaMIGAMQswCQYDVQQGEwJVUzEQMA4GA1UECAwH
-UmVkbW9uZDEQMA4GA1UEBwwHUmVkbW9uZDELMAkGA1UECgwCTVMxCzAJBgNVBAsM
-Ak1TMQswCQYDVQQDDAJNUzEmMCQGCSqGSIb3DQEJARYXbWljcm9zb2Z0QG1pY3Jv
-c29mdC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeEyMK3LRh
-Y1cvCx+UkFmrnjGTlEoBTX5QEB+nYC//ZGi1dxftWPzrE6uEo8YQZXGaQw1Nhoxc
-KL7MWDfTY1J+0XJrrCzdrjEjHrZqYxDmIipjskPy/T659/3tRw4vCyaursBZu+i0
-djylq+EduKzU+P9VBaexpqpt0Wy5eDebTEWj+2+HAJab4iRY/NwhCq5/M+ULZvPr
-aE0jZDknkv7FOmLRB1Hr5UIMqH4+AnldV7Y0eEysY08Bd7eulYI0qSpphekpMdQ/
-6FPP1Qxop8+nrjd9Dq3GhsdueFOLRD3rh6ahfZ40fScJtM21iI9xRk2N93nyEnDB
-RvvfmhemeprTAgMBAAGjUzBRMB0GA1UdDgQWBBT/SqxDOGjMBxQIDeOGZqUDPmmr
-XTAfBgNVHSMEGDAWgBT/SqxDOGjMBxQIDeOGZqUDPmmrXTAPBgNVHRMBAf8EBTAD
-AQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBPbCDT2dGIPO/0Cns1KtwECbd8FVYFhL2F
-4j9JW/BUTb4eEFX2U4HAmR+6+52em/S92q5aI7D2NiQIKPBpZQT66QW9QkB8iQM5
-Gq2UVcONVDYSaqGtuPzc9LijeMcJUB+YpArGoBypZfylvf9ksPEfYstR6Nx/3Pmt
-xSJfpsss6ddH7WStaRgH5yhZYZYy0coduzX5rZOkoq1C8aImlhjZHmycNCFi28Sx
-bIwu+MmK1pR6Wuj7DskHAXFPHAJx/WhX87XQBO8aUL1UCvsbRKL7LfnQxKur1NNo
-JpHk99O9VVpDW/P1ZE7IdPLFKlE2qyskr94hWGElpiFuCkC+lkOM
+MIIFCzCCAvOgAwIBAgIUAi7DqcEn4EsBm1lN4UcmmuxWPq0wDQYJKoZIhvcNAQEL
+BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MCAXDTIxMDIyNjE4MzI0OVoYDzIxMjEw
+MjAyMTgzMjQ5WjAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQDI5+DbDLpVmRFFB9YR1NwAbdPzf7cV8RB32pNVHzLj
+iJ9LNSq8yvI/k6xD3p8XHVJEC3TGMuOVK4Cn277nX9KSU/7lELMlz+yGikwli3aI
+u4A7NE84ACfR6ZFelAGcGr2nMze6K2YDwhhqG8SUBIhAjzjIXSf2+cv0Cq38cEX1
+WKy1h5xJm7FwuKlZsHmJw5Osk+8mFgHJ5TmKqJYtVd7b/ytAmeM2ByZ4eVCZ31rR
+ELKZ2uEWoCImLCtCfohxEnhrLm09yB7JrbbT/3JXHXyQUn3kGMczgwL/IZZwqtAf
+E4SiHVLI3cFwO3VJjpRfAbg3xFbxwzhmdlri3WsKT3iEp3P08WPi6dL7WF+PjpMl
+d9RZ587NBSqCmVfgBjY05wEcONSPyPY1gi5ZBDBm6J23feAOgZ8AZu/RKdAVgYBu
+Kr6o6ZKqsJ+U+M5cwrXw/Rv78YQyr9ZlfKALbybMKMrYuc9DqbPGBbryLxklh9kN
+wMJvt8FHEcmlbT5BsZJmm7JztPouN7mxMy1ZVJlGreyPD0mxET+O4DCz7UsA2CvB
+pKzLcRRHKKNbCwaeV/1UJKiyg4QWDGltlIKkIEhppv2vspl0Gh7xpZISJuWtmWiJ
+o03zSr7NUNvXRY3pmNQXad7PHanVyTCopCCpTiAQljDTTb803NGyKBHx3cz17HU9
+xQIDAQABo1MwUTAdBgNVHQ4EFgQUGyQOi+8yPBZziF7ruCfQB4ooTMUwHwYDVR0j
+BBgwFoAUGyQOi+8yPBZziF7ruCfQB4ooTMUwDwYDVR0TAQH/BAUwAwEB/zANBgkq
+hkiG9w0BAQsFAAOCAgEAHf+FN6rHdZJPdmUO1skpS9iVgXrKWGwo20Qrd3MttKfk
+xzFpOZLBEyn/qWmZe1YQqdcm4Yd7OjnKRb62zwE8gyTJlaA30qXGoJZrouWEAsWZ
+2//2h/Ju6XNy47p5F2UKAKqqGcSaDy9HEQF0wNwRz45LKYlJE7v7eDqo2TOampoH
+UXNRF9lKI4o+CKkSRquoqGXfw6GJmnxrozTzWl00igSXrX3+HkiKHNOgzaOoS+pP
+nFl/HI/jOFYh8AG/18U5iFBSTjXiyXmFvkb4309c188fJd1UMOVY1tbcfFWSftnL
+Ybk8UmGagtI9S8ExuQvk34TGDwj0vdKGiTBdL/qQ1vzxqLo2U7fHRcktSo27Ogtp
+JCzfyXKb41Cu4VOmzllTlhbg/p68rEeYcVIeZl86Yh3bFZNVpvHW9vzn8iLIXpGf
+nyt/XXG0cgkTPeWZ+zTPHLx/9YZBXViUuXobXLeUhueCaWGHYPkzKcV1c1B9oJjc
+/3JWbJVERFxMGgJpQUrTMerUCmY3C2lfPBm48ZmPCjmUUdWsh5vu2pVe+3hBIFeb
+Y/kkOuRqAmiW+EmjFNQNdcxsDstd1AeipapPSH0TLWTqvAs8MndoNmfHyOFomV38
+Els5LL5Pomm27oVq6JM1geF1jKShAnO/w/dlRXcB0PFJIlpWKpw7OE5qqPpoiZY=
 -----END CERTIFICATE-----
diff --git a/src/BenchmarksApps/TLS/Nginx/config/key-openssl.pem b/src/BenchmarksApps/TLS/Nginx/config/key-openssl.pem
new file mode 100644
index 000000000..3d9a00bda
--- /dev/null
+++ b/src/BenchmarksApps/TLS/Nginx/config/key-openssl.pem
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCeEyMK3LRhY1cv
+Cx+UkFmrnjGTlEoBTX5QEB+nYC//ZGi1dxftWPzrE6uEo8YQZXGaQw1NhoxcKL7M
+WDfTY1J+0XJrrCzdrjEjHrZqYxDmIipjskPy/T659/3tRw4vCyaursBZu+i0djyl
+q+EduKzU+P9VBaexpqpt0Wy5eDebTEWj+2+HAJab4iRY/NwhCq5/M+ULZvPraE0j
+ZDknkv7FOmLRB1Hr5UIMqH4+AnldV7Y0eEysY08Bd7eulYI0qSpphekpMdQ/6FPP
+1Qxop8+nrjd9Dq3GhsdueFOLRD3rh6ahfZ40fScJtM21iI9xRk2N93nyEnDBRvvf
+mhemeprTAgMBAAECggEAHNcW/KNZ0a7jODUKVPulMJeTKf7TJbuywP7AF7SH7Uuv
+gvQwjGBA/M7A61lKCLHJcUCsi6lxsFrKvNOXk9y6L2MdQiHOqb9fPa4bz/s1GRfA
+riHXHd0wdZOWY5UkNFcPfq1pcLXE9i/gTsW2M8r+1Xh8dVGrz9C9pX2hHZGea5nM
+YRybhdpsqF0ul2jRy/KL6MRtyBJ0tQK7xhxUBpj4bbEFlU2DwSVkjxNcXHsF+/S8
+fIsLNwX4XZyjw8FDITe8OeVSQSV2E5LbXAz1MMFWqdWRNhfOHeQB+HuvpT83P316
+XUgOt1m3fLE/bbr+7uV1ixunJleskNMaQfmiskAQkQKBgQDRI8Nb+sStQRoPNsZW
+iuXH9Y/OopPv2zlKRBsktG/uixZAtIYbTxnqqLatARht3kBk7SiRWvnGHDdPi5xM
+8HdsNr8naadphzn6WD1DdFTxyJmCn/zYMh6jUTeQGQ1zitOpZajXhcJYqeD/bvxM
+mPd/Vm6aUpdkpwIaPHmfz3hcSQKBgQDBfkrcXT12ql29YfEgnyaCZWhtaMFFi+yf
+jedXDto0VOpc8HDVWpddNDOvzIDTcgP5iMApPFy5JCz1WU/FeWazsaQBTfzkQ/nt
+q2YAXqf2ckqdtITHxtih6MNMPIVE6e0M00xZ7qEjk9wGTl/4jevA0tFMV+OjKUjc
+paJTvramOwKBgElQXiWaTOPnVHlM3E5uNorYPGdVesK0eOrd4R4G2s4ml9Bq+DAO
+lKk8J32SSrwJE03ODVCXMcQPFBygdlRKX7LhpjTsxrEppFtsH13MJBL2HUo7R2mK
+eE8MI4wyHBMK8ZQKfRvAWha2xpcEkxFO9kP/SppypXu1R/lmhcRN+IVxAoGANChZ
+AaHYqZ4u+pfmKcb82HWBesycHKUlObVEwQDt7OFe84KUx85NswAZVrAnodfAHomw
+Uu1EiVupCtHyYObiulmOPhPJsbZpLpnfOwZI/HO+jVhV2oxNZQebbXd67SKplaV3
+lV5v7Wk0DDcgQ53uCOJLLOscH6VHUMMNSMnF7nUCgYA/8L38d5OcuEAOVno4E0C8
+r1USD1d+ZT5mJtbROpVXleIj/aoDdKKfLI0abBS47m7QEau8oKqAg1+5T4c8neR8
+FIcWQTg50rqO8dx7I05gQU5KamdFK3jpM4MBzrH0UK7PUeZ0L72okCYdhLMK3b20
+bvbOPOA68ZvvEDn9VA9Pkw==
+-----END PRIVATE KEY-----
diff --git a/src/BenchmarksApps/TLS/Nginx/config/key.pem b/src/BenchmarksApps/TLS/Nginx/config/key.pem
index 3d9a00bda..a1b7ce67f 100644
--- a/src/BenchmarksApps/TLS/Nginx/config/key.pem
+++ b/src/BenchmarksApps/TLS/Nginx/config/key.pem
@@ -1,28 +1,55 @@
+Bag Attributes
+    localKeyID: 6A 28 3F AA A7 FF FC 12 9D F2 4C C0 E7 52 11 86 C7 92 62 19 
+Key Attributes: <No Attributes>
 -----BEGIN PRIVATE KEY-----
-MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCeEyMK3LRhY1cv
-Cx+UkFmrnjGTlEoBTX5QEB+nYC//ZGi1dxftWPzrE6uEo8YQZXGaQw1NhoxcKL7M
-WDfTY1J+0XJrrCzdrjEjHrZqYxDmIipjskPy/T659/3tRw4vCyaursBZu+i0djyl
-q+EduKzU+P9VBaexpqpt0Wy5eDebTEWj+2+HAJab4iRY/NwhCq5/M+ULZvPraE0j
-ZDknkv7FOmLRB1Hr5UIMqH4+AnldV7Y0eEysY08Bd7eulYI0qSpphekpMdQ/6FPP
-1Qxop8+nrjd9Dq3GhsdueFOLRD3rh6ahfZ40fScJtM21iI9xRk2N93nyEnDBRvvf
-mhemeprTAgMBAAECggEAHNcW/KNZ0a7jODUKVPulMJeTKf7TJbuywP7AF7SH7Uuv
-gvQwjGBA/M7A61lKCLHJcUCsi6lxsFrKvNOXk9y6L2MdQiHOqb9fPa4bz/s1GRfA
-riHXHd0wdZOWY5UkNFcPfq1pcLXE9i/gTsW2M8r+1Xh8dVGrz9C9pX2hHZGea5nM
-YRybhdpsqF0ul2jRy/KL6MRtyBJ0tQK7xhxUBpj4bbEFlU2DwSVkjxNcXHsF+/S8
-fIsLNwX4XZyjw8FDITe8OeVSQSV2E5LbXAz1MMFWqdWRNhfOHeQB+HuvpT83P316
-XUgOt1m3fLE/bbr+7uV1ixunJleskNMaQfmiskAQkQKBgQDRI8Nb+sStQRoPNsZW
-iuXH9Y/OopPv2zlKRBsktG/uixZAtIYbTxnqqLatARht3kBk7SiRWvnGHDdPi5xM
-8HdsNr8naadphzn6WD1DdFTxyJmCn/zYMh6jUTeQGQ1zitOpZajXhcJYqeD/bvxM
-mPd/Vm6aUpdkpwIaPHmfz3hcSQKBgQDBfkrcXT12ql29YfEgnyaCZWhtaMFFi+yf
-jedXDto0VOpc8HDVWpddNDOvzIDTcgP5iMApPFy5JCz1WU/FeWazsaQBTfzkQ/nt
-q2YAXqf2ckqdtITHxtih6MNMPIVE6e0M00xZ7qEjk9wGTl/4jevA0tFMV+OjKUjc
-paJTvramOwKBgElQXiWaTOPnVHlM3E5uNorYPGdVesK0eOrd4R4G2s4ml9Bq+DAO
-lKk8J32SSrwJE03ODVCXMcQPFBygdlRKX7LhpjTsxrEppFtsH13MJBL2HUo7R2mK
-eE8MI4wyHBMK8ZQKfRvAWha2xpcEkxFO9kP/SppypXu1R/lmhcRN+IVxAoGANChZ
-AaHYqZ4u+pfmKcb82HWBesycHKUlObVEwQDt7OFe84KUx85NswAZVrAnodfAHomw
-Uu1EiVupCtHyYObiulmOPhPJsbZpLpnfOwZI/HO+jVhV2oxNZQebbXd67SKplaV3
-lV5v7Wk0DDcgQ53uCOJLLOscH6VHUMMNSMnF7nUCgYA/8L38d5OcuEAOVno4E0C8
-r1USD1d+ZT5mJtbROpVXleIj/aoDdKKfLI0abBS47m7QEau8oKqAg1+5T4c8neR8
-FIcWQTg50rqO8dx7I05gQU5KamdFK3jpM4MBzrH0UK7PUeZ0L72okCYdhLMK3b20
-bvbOPOA68ZvvEDn9VA9Pkw==
+MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQDI5+DbDLpVmRFF
+B9YR1NwAbdPzf7cV8RB32pNVHzLjiJ9LNSq8yvI/k6xD3p8XHVJEC3TGMuOVK4Cn
+277nX9KSU/7lELMlz+yGikwli3aIu4A7NE84ACfR6ZFelAGcGr2nMze6K2YDwhhq
+G8SUBIhAjzjIXSf2+cv0Cq38cEX1WKy1h5xJm7FwuKlZsHmJw5Osk+8mFgHJ5TmK
+qJYtVd7b/ytAmeM2ByZ4eVCZ31rRELKZ2uEWoCImLCtCfohxEnhrLm09yB7JrbbT
+/3JXHXyQUn3kGMczgwL/IZZwqtAfE4SiHVLI3cFwO3VJjpRfAbg3xFbxwzhmdlri
+3WsKT3iEp3P08WPi6dL7WF+PjpMld9RZ587NBSqCmVfgBjY05wEcONSPyPY1gi5Z
+BDBm6J23feAOgZ8AZu/RKdAVgYBuKr6o6ZKqsJ+U+M5cwrXw/Rv78YQyr9ZlfKAL
+bybMKMrYuc9DqbPGBbryLxklh9kNwMJvt8FHEcmlbT5BsZJmm7JztPouN7mxMy1Z
+VJlGreyPD0mxET+O4DCz7UsA2CvBpKzLcRRHKKNbCwaeV/1UJKiyg4QWDGltlIKk
+IEhppv2vspl0Gh7xpZISJuWtmWiJo03zSr7NUNvXRY3pmNQXad7PHanVyTCopCCp
+TiAQljDTTb803NGyKBHx3cz17HU9xQIDAQABAoICADgpGaIiHLRw5XL2jdDOP/Ge
+wfD/cp6flIrsfuL8pa0VM/JCGoBL+wvqq+0M/kvn1mdPDIWbFCNO1dgWhXcIQkTF
+ViuST4HybZvubPrR0YDHaUEjjkGJSZhUQl694PVSRFHI73sLRqkmSMzglkMKQUxK
+vQTFhbZ0fZ7qnVhDykqbTywvjHDHJQLtm+mGe3MXSOClOeTbogReH4ezOMfTiUjW
+O7EDU5B2zzo+L1nUJf7rPAHmPaWlfeZN0onz9RAmqaLMh50NpA2ckc8RSVUw2PE/
+HhH1Gzo7FUtciEFWfncxbZIjwFCGLNzCwjadtLwaLvTn3aYXfFyoGR/x5UosjPOI
+wErw3qp2phIGhXQtw2n0vNJEVqQVOvUGE/enUdXhzbaLZIvwdLCjqz1sgt1/qyrj
+Gw6FLtSj9r1dcxy6IwawzSWHhMp6WC1QxPJrw6ho34Tp3ATEPi0vDOY6CKbt6sjb
+t7M6yqgb+XRp2An3ynsthCRfkRrfnYB5TMLzP2t03LpKtOM3/dikWPhKvc5xCw4l
+fKVQxEm7uC7IpLdMK7RNU+eE2V2zicEiHMy356VLewsxDSG5apV2LKKs6y4iYowZ
+3SJ0/uCbXiqXusdYXfhTAm5FaJPAqYXFq7ItvI0/tPzgYSV/6M/TD//KTptXtNJZ
+38lvcYZIkEvQPZY4QCLBAoIBAQD5PduTz6zZK9QA0aAYMuoHoyOh1nDQWTFkp9g5
+3mPKHAvgiNAH38a9lqSTyGYC/EVjWjw3jM47P7l6c8uxdwRwqDVDlHJrzbdh3p6J
+014oQ2MTmSpqqUW/6MpQgtnC6aqySKzJCiYF9dbqHmOE9DjOi0AfQ2W+U2afvVCp
+FgSFgV+zTE/bxnXkaY8er1lwUNkUPQWr4+z3Zh9q2SSnTar2yYsnmVQn+TWsKA2o
+oNPY0hDaXCX1zAE41Lj7Lf/gJb+Au3w/w/iQRg0oef66EU0XeyGOHahj6vgFxoEk
+e5WB6gL9sxsZ7xrqUHnov3TA8S1ZzkWYjbjpCjv+Mv+kflP7AoIBAQDOWn28sKvR
+X0NWVP8Rb1PrESRe4wCYjE+gU/Jmey6Ez0KF+Zep05EVI6axPZtbHPA6MCrS8IWG
++S9Tdk4ZX+1czQdewAlUNbL79qElknkrCZeeLz5fhIYtCTwaobKV7O9V/qq90EOR
+TJdPiZKdU3Z7ui2IGAFJuxthxsBK2zMTK7laOoenSC765kSuVq6nc+zAGNDFI9Bp
+/ocVSdcJQHUgsYxn3/jb5KirliQuvcxFIFHloU2tXCdC1SUkdl+/5ym0iGNdlCGh
+uQsr9MBEjHBnOsQ2YqMenSm2etVuGmwMJSN4TkpuqjFx0prLWkT+1RVQeUXNnVNu
+j5YeEpr6hEk/AoIBAQDHf1zHRj57IhqygRfc5rvuWwWFX6izDAF+KN7pCvni52oW
+Ukv5UYO5ct/OrmQA1b4QlUSHzjuwrwQeYJtVNAeoyOrBagvgACxduRw7A6VlIvMl
+175c25rJzmJJ6UK2QeRwib1LucTPloRspuBPpk/l+w3bOE4y9ny5NYZfoREDb5eT
+Y2y0ZHku19NH42D6hqwLCAEHIgwlxmc1VhOBmqhSmuW4T4FN8aqlXvX32KtY7GOy
+9Hkp8h20SIi7/IjH+E79kpQUUh8eFAQqNuPOOVT0i4lDQLftKkFWFhp+gjEcaJv2
+R6tUqc9oZ/v8cWrZmPIM5Q9N2Xp9hcSZZma7WqaLAoIBAEk0zTqtqqbilu7/xGWZ
+CzpvoGmROtrjnDQS1AILXVt8c+s3uthi2CuZtD9Yzc6rG4ZpJCglcBmMOX/wjpBt
++bVcf2rb0fNwAYll25GKvzXHd2SE+inEyB0eE5aXGtYZcmcdq9EfG3lmpJ9w/PSX
+cYc/a3vGmF5h5LrxWbK0xQ/eCSm7bfiooRIdsuvukJOTisAzjY0CwaN4ys+AnKsJ
+lQP+OQN4776DBlupLjju2JMFfkhqyzXfZYZOO5kN7bYU+jSz1hySusO29AGqGLO4
+5v+YV5e7sobf1raIKUOgWAiO/GBn1fwgoN3yizvtUGDfk2ozO9JQKBMnGWidzSFm
+4N0CggEBALLPDQCol67RBsDxPzYDVn3g2nLGYqrr0UP9Qd/MoY+IsPv3VNbjo8qF
+JyskoycIRk7M+GAd5dgmboi3uZomoUIoy2nUFaMq6I6JfMfYKggy6yfYS/WK2XnV
+2yaSQEAlUCLf3GPk4OFkisqQuvnSg5GJlYlraG+w4kwNxKije5l6pqVf5op8/Qu7
+tBQfPd4pDLBq2NRJUqMTper4H3o6N66i0cUv4yzhi832RET38ieCDSJyC9ivtDfD
+HA3f3s5KQMBz3DE5/PelAeO989UVZ4FR5azdSznaykbKbDO5b6GngjcCFGV/jdST
+lOZIsIthM9vRTfPNs6cuapFulsL0qWM=
 -----END PRIVATE KEY-----

From ef0edf6eaaf3a7214a304fce2325264bb01ce9b9 Mon Sep 17 00:00:00 2001
From: Dmitrii Korolev <dmkorolev@microsoft.com>
Date: Tue, 1 Apr 2025 13:59:36 +0200
Subject: [PATCH 15/32] 2 different certs

---
 .../TLS/Certificates/2048/cert.pem            |  22 +++++
 .../TLS/Certificates/2048/key.pem             |  28 +++++++
 .../TLS/Certificates/4096/cert.pem            |  35 ++++++++
 .../TLS/Certificates/4096/key.pem             |  55 ++++++++++++
 src/BenchmarksApps/TLS/HttpSys/testCert.pfx   | Bin 4045 -> 3699 bytes
 src/BenchmarksApps/TLS/Kestrel/testCert.pfx   | Bin 4045 -> 3699 bytes
 src/BenchmarksApps/TLS/Nginx/Dockerfile       |   6 --
 .../TLS/Nginx/config/cert-openssl.pem         |  23 -----
 src/BenchmarksApps/TLS/Nginx/config/cert.pem  |  53 +++++-------
 .../TLS/Nginx/config/key-openssl.pem          |  28 -------
 src/BenchmarksApps/TLS/Nginx/config/key.pem   |  79 ++++++------------
 src/BenchmarksApps/TLS/Nginx/start-nginx.sh   |   2 +-
 12 files changed, 187 insertions(+), 144 deletions(-)
 create mode 100644 src/BenchmarksApps/TLS/Certificates/2048/cert.pem
 create mode 100644 src/BenchmarksApps/TLS/Certificates/2048/key.pem
 create mode 100644 src/BenchmarksApps/TLS/Certificates/4096/cert.pem
 create mode 100644 src/BenchmarksApps/TLS/Certificates/4096/key.pem
 delete mode 100644 src/BenchmarksApps/TLS/Nginx/config/cert-openssl.pem
 delete mode 100644 src/BenchmarksApps/TLS/Nginx/config/key-openssl.pem

diff --git a/src/BenchmarksApps/TLS/Certificates/2048/cert.pem b/src/BenchmarksApps/TLS/Certificates/2048/cert.pem
new file mode 100644
index 000000000..cfd3b7981
--- /dev/null
+++ b/src/BenchmarksApps/TLS/Certificates/2048/cert.pem
@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDrTCCApWgAwIBAgIUHKdletylaQOCsLr2hYlAx7CtYNUwDQYJKoZIhvcNAQEL
+BQAwfzELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcM
+DVNhbiBGcmFuY2lzY28xFTATBgNVBAoMDEV4YW1wbGUgQ29ycDEWMBQGA1UECwwN
+SVQgRGVwYXJ0bWVudDEUMBIGA1UEAwwLZXhhbXBsZS5jb20wHhcNMjUwNDAxMTE1
+MTU1WhcNMjYwNDAxMTE1MTU1WjB/MQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2Fs
+aWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzEVMBMGA1UECgwMRXhhbXBs
+ZSBDb3JwMRYwFAYDVQQLDA1JVCBEZXBhcnRtZW50MRQwEgYDVQQDDAtleGFtcGxl
+LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALtHEw2SKpAIBN/M
+zYNHdeUBr/+rl70+NULPOCNtHLBWxgb5qkhUi+weU3Szyju6ahYWeWLSmll9pEA8
+dyrR0D6OHo39o6RqH4KNHBMyIM3b1zvYdQCoXWFIBaLMzgS4I6YorMmiaIdd/rjT
+4IerkewQUidRUKD517dogWNwE8rP75joEGBPkTdA1g5EvqdrZFMEqfjvISr8VPns
+05BVBjOLpFmipKh+kgDvvnqENJKKUN3U34LobYuq+eJHgQljvE5NCF7lq3GtaGsB
+pVu1BnMmxA9mlxeEXbV7XcDbU4uYu03RG1b0zTNPf35YFTCj7ENe+xSwzpOEX7os
+zuBco+kCAwEAAaMhMB8wHQYDVR0OBBYEFOI/5fWJQJ7i4FDRi6LcINvIbjQ+MA0G
+CSqGSIb3DQEBCwUAA4IBAQA0MIxYSs3VI8DGQE/FLkNyDjVGK01LRliyTL6EEiAm
+I9PiCq5WYH+29u8wJV6YeveQ00EUx0IbHOo1Ojki0oDByNjnEU2JKEr+FeSi320Q
+GT9kn/tQuTTHZMIlqFOO+01f15ApaEyfOhDS1qC1zZWyjXSNC7/bVT1wVlH+hBGl
+n/VnaarlE4IQjH7XlVplYNwN6Cpl4796ns5q9nfQIFyePxJmUptvsaLWkICcF8fL
+oZfbxFLc8l/xT/vFpzHga096Ruhvqqolj7oGY2eFxAf/oUZqWPIa4zCP3WUaWPeU
+sBIETpjNwtjcrScm6D+DQO4B5eixCtrK51ye5/2t0Jb7
+-----END CERTIFICATE-----
diff --git a/src/BenchmarksApps/TLS/Certificates/2048/key.pem b/src/BenchmarksApps/TLS/Certificates/2048/key.pem
new file mode 100644
index 000000000..d5870a3ce
--- /dev/null
+++ b/src/BenchmarksApps/TLS/Certificates/2048/key.pem
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC7RxMNkiqQCATf
+zM2DR3XlAa//q5e9PjVCzzgjbRywVsYG+apIVIvsHlN0s8o7umoWFnli0ppZfaRA
+PHcq0dA+jh6N/aOkah+CjRwTMiDN29c72HUAqF1hSAWizM4EuCOmKKzJomiHXf64
+0+CHq5HsEFInUVCg+de3aIFjcBPKz++Y6BBgT5E3QNYORL6na2RTBKn47yEq/FT5
+7NOQVQYzi6RZoqSofpIA7756hDSSilDd1N+C6G2LqvniR4EJY7xOTQhe5atxrWhr
+AaVbtQZzJsQPZpcXhF21e13A21OLmLtN0RtW9M0zT39+WBUwo+xDXvsUsM6ThF+6
+LM7gXKPpAgMBAAECggEABxOKxcLVzDbGsF+AYyB/yj/DvbO8emXFBMQ9s8ul/4fC
+gyBLQzZmnxe6QY5K6vItRgO4DHg2utZDhDsvVDU0sC3AkSREsFa44BRNkPAeSzOu
+W1A02OnZCsRPlN+LkqQT5222sbEVpV/I2y+uVpIGDoHDXkGf+/p/ddUDZpV6j07h
+bsJCmXsNGWgy3PvF/WvLPS1PQ4ktVku2k9MdDoTVxOB1WipFw5mnO8Pe0v24gJuK
+QQLnQXUneRI53+2eU5iekdYp8RXxIsZIx37zysuUvKA5cfLCMztEcOgPor9/Zbph
+8SnUrMgSnbQGtEQA+jILtiUX3zAzfxnqdZIENIG+8QKBgQD2G2A6RJ3CzoFbh3dK
+C4ihGmHBR39w4eW9mpqzb9+a0bZzKdgPGML7dYeFz9Zr7WpJRKpsrvuOkm9m8h27
+T7rbVRNveKaJB35VwqEm+wFKg6z6ORWQmjYr0BObxF4wv41unmPN8BmliVVkQKQd
+B89xhZmpcYg1d8aC/+8jcxVHPQKBgQDCzk0Uio113qNDROJxsbiVtAOFvcL9kFhs
+EewRjc9dE6eujhO290ZoiEKz8V4zOpsz0mMJuS0/pM2wJNXWRzDN+UCmYboqpT0T
+O1cXRDMt8NLb6RxAn66lhj66s1oTVflYhHHm9Ytxf960EsvtmCHIJvYldy4/YP9H
+BPgM0wr6HQKBgHrcLczI5m0TBHb6CK45Vcr/TZ/cnp1u2G8wGFzN07YJTWjukcLv
+nJ9GDBLcL/IPQsky81VwgXqqVdzxr7AL3H+UWDCE7bZovEP59tNr6TgWxirghoh6
+w+JZbQCNJmx1pBh+D9sGKvd9uNhkgMlRVdkZVh3F5La0hbBuLibnU88NAoGAPAjh
+/lOYttuPCvseohU4IoKgl0Xc4tHqPhvj2aEPZ8rX4VaNwtQ/0ZU0oUngUv9bt0O+
+G9ACntuGPCON9wRniQKopt31RpE32kZuV5BACYdvJDCZ8VyEsSRHDriZKN5VAq+G
+frvrZmYW1v339NfuiUVglDk/em7FHTjtzN35Qw0CgYBqc1Dcz7vOs7sHQr2cslEI
+dGAwlV9F3D8bYgKt2cYtgbNIK6gfmZmJBbfVTtwataV9oV2o6cbeNK8SL7qScc3R
+Pbu3UNpFk7cBlHi9OVJwdpZaYG8ITkQGvwa8V6+EwgzOKcrHgBC9Efso20v32SyN
+9JJgBEYMrvx2awpN+af1iA==
+-----END PRIVATE KEY-----
diff --git a/src/BenchmarksApps/TLS/Certificates/4096/cert.pem b/src/BenchmarksApps/TLS/Certificates/4096/cert.pem
new file mode 100644
index 000000000..19fb060b4
--- /dev/null
+++ b/src/BenchmarksApps/TLS/Certificates/4096/cert.pem
@@ -0,0 +1,35 @@
+Bag Attributes
+    localKeyID: 6A 28 3F AA A7 FF FC 12 9D F2 4C C0 E7 52 11 86 C7 92 62 19 
+subject=CN = localhost
+
+issuer=CN = localhost
+
+-----BEGIN CERTIFICATE-----
+MIIFCzCCAvOgAwIBAgIUAi7DqcEn4EsBm1lN4UcmmuxWPq0wDQYJKoZIhvcNAQEL
+BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MCAXDTIxMDIyNjE4MzI0OVoYDzIxMjEw
+MjAyMTgzMjQ5WjAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQDI5+DbDLpVmRFFB9YR1NwAbdPzf7cV8RB32pNVHzLj
+iJ9LNSq8yvI/k6xD3p8XHVJEC3TGMuOVK4Cn277nX9KSU/7lELMlz+yGikwli3aI
+u4A7NE84ACfR6ZFelAGcGr2nMze6K2YDwhhqG8SUBIhAjzjIXSf2+cv0Cq38cEX1
+WKy1h5xJm7FwuKlZsHmJw5Osk+8mFgHJ5TmKqJYtVd7b/ytAmeM2ByZ4eVCZ31rR
+ELKZ2uEWoCImLCtCfohxEnhrLm09yB7JrbbT/3JXHXyQUn3kGMczgwL/IZZwqtAf
+E4SiHVLI3cFwO3VJjpRfAbg3xFbxwzhmdlri3WsKT3iEp3P08WPi6dL7WF+PjpMl
+d9RZ587NBSqCmVfgBjY05wEcONSPyPY1gi5ZBDBm6J23feAOgZ8AZu/RKdAVgYBu
+Kr6o6ZKqsJ+U+M5cwrXw/Rv78YQyr9ZlfKALbybMKMrYuc9DqbPGBbryLxklh9kN
+wMJvt8FHEcmlbT5BsZJmm7JztPouN7mxMy1ZVJlGreyPD0mxET+O4DCz7UsA2CvB
+pKzLcRRHKKNbCwaeV/1UJKiyg4QWDGltlIKkIEhppv2vspl0Gh7xpZISJuWtmWiJ
+o03zSr7NUNvXRY3pmNQXad7PHanVyTCopCCpTiAQljDTTb803NGyKBHx3cz17HU9
+xQIDAQABo1MwUTAdBgNVHQ4EFgQUGyQOi+8yPBZziF7ruCfQB4ooTMUwHwYDVR0j
+BBgwFoAUGyQOi+8yPBZziF7ruCfQB4ooTMUwDwYDVR0TAQH/BAUwAwEB/zANBgkq
+hkiG9w0BAQsFAAOCAgEAHf+FN6rHdZJPdmUO1skpS9iVgXrKWGwo20Qrd3MttKfk
+xzFpOZLBEyn/qWmZe1YQqdcm4Yd7OjnKRb62zwE8gyTJlaA30qXGoJZrouWEAsWZ
+2//2h/Ju6XNy47p5F2UKAKqqGcSaDy9HEQF0wNwRz45LKYlJE7v7eDqo2TOampoH
+UXNRF9lKI4o+CKkSRquoqGXfw6GJmnxrozTzWl00igSXrX3+HkiKHNOgzaOoS+pP
+nFl/HI/jOFYh8AG/18U5iFBSTjXiyXmFvkb4309c188fJd1UMOVY1tbcfFWSftnL
+Ybk8UmGagtI9S8ExuQvk34TGDwj0vdKGiTBdL/qQ1vzxqLo2U7fHRcktSo27Ogtp
+JCzfyXKb41Cu4VOmzllTlhbg/p68rEeYcVIeZl86Yh3bFZNVpvHW9vzn8iLIXpGf
+nyt/XXG0cgkTPeWZ+zTPHLx/9YZBXViUuXobXLeUhueCaWGHYPkzKcV1c1B9oJjc
+/3JWbJVERFxMGgJpQUrTMerUCmY3C2lfPBm48ZmPCjmUUdWsh5vu2pVe+3hBIFeb
+Y/kkOuRqAmiW+EmjFNQNdcxsDstd1AeipapPSH0TLWTqvAs8MndoNmfHyOFomV38
+Els5LL5Pomm27oVq6JM1geF1jKShAnO/w/dlRXcB0PFJIlpWKpw7OE5qqPpoiZY=
+-----END CERTIFICATE-----
diff --git a/src/BenchmarksApps/TLS/Certificates/4096/key.pem b/src/BenchmarksApps/TLS/Certificates/4096/key.pem
new file mode 100644
index 000000000..a1b7ce67f
--- /dev/null
+++ b/src/BenchmarksApps/TLS/Certificates/4096/key.pem
@@ -0,0 +1,55 @@
+Bag Attributes
+    localKeyID: 6A 28 3F AA A7 FF FC 12 9D F2 4C C0 E7 52 11 86 C7 92 62 19 
+Key Attributes: <No Attributes>
+-----BEGIN PRIVATE KEY-----
+MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQDI5+DbDLpVmRFF
+B9YR1NwAbdPzf7cV8RB32pNVHzLjiJ9LNSq8yvI/k6xD3p8XHVJEC3TGMuOVK4Cn
+277nX9KSU/7lELMlz+yGikwli3aIu4A7NE84ACfR6ZFelAGcGr2nMze6K2YDwhhq
+G8SUBIhAjzjIXSf2+cv0Cq38cEX1WKy1h5xJm7FwuKlZsHmJw5Osk+8mFgHJ5TmK
+qJYtVd7b/ytAmeM2ByZ4eVCZ31rRELKZ2uEWoCImLCtCfohxEnhrLm09yB7JrbbT
+/3JXHXyQUn3kGMczgwL/IZZwqtAfE4SiHVLI3cFwO3VJjpRfAbg3xFbxwzhmdlri
+3WsKT3iEp3P08WPi6dL7WF+PjpMld9RZ587NBSqCmVfgBjY05wEcONSPyPY1gi5Z
+BDBm6J23feAOgZ8AZu/RKdAVgYBuKr6o6ZKqsJ+U+M5cwrXw/Rv78YQyr9ZlfKAL
+bybMKMrYuc9DqbPGBbryLxklh9kNwMJvt8FHEcmlbT5BsZJmm7JztPouN7mxMy1Z
+VJlGreyPD0mxET+O4DCz7UsA2CvBpKzLcRRHKKNbCwaeV/1UJKiyg4QWDGltlIKk
+IEhppv2vspl0Gh7xpZISJuWtmWiJo03zSr7NUNvXRY3pmNQXad7PHanVyTCopCCp
+TiAQljDTTb803NGyKBHx3cz17HU9xQIDAQABAoICADgpGaIiHLRw5XL2jdDOP/Ge
+wfD/cp6flIrsfuL8pa0VM/JCGoBL+wvqq+0M/kvn1mdPDIWbFCNO1dgWhXcIQkTF
+ViuST4HybZvubPrR0YDHaUEjjkGJSZhUQl694PVSRFHI73sLRqkmSMzglkMKQUxK
+vQTFhbZ0fZ7qnVhDykqbTywvjHDHJQLtm+mGe3MXSOClOeTbogReH4ezOMfTiUjW
+O7EDU5B2zzo+L1nUJf7rPAHmPaWlfeZN0onz9RAmqaLMh50NpA2ckc8RSVUw2PE/
+HhH1Gzo7FUtciEFWfncxbZIjwFCGLNzCwjadtLwaLvTn3aYXfFyoGR/x5UosjPOI
+wErw3qp2phIGhXQtw2n0vNJEVqQVOvUGE/enUdXhzbaLZIvwdLCjqz1sgt1/qyrj
+Gw6FLtSj9r1dcxy6IwawzSWHhMp6WC1QxPJrw6ho34Tp3ATEPi0vDOY6CKbt6sjb
+t7M6yqgb+XRp2An3ynsthCRfkRrfnYB5TMLzP2t03LpKtOM3/dikWPhKvc5xCw4l
+fKVQxEm7uC7IpLdMK7RNU+eE2V2zicEiHMy356VLewsxDSG5apV2LKKs6y4iYowZ
+3SJ0/uCbXiqXusdYXfhTAm5FaJPAqYXFq7ItvI0/tPzgYSV/6M/TD//KTptXtNJZ
+38lvcYZIkEvQPZY4QCLBAoIBAQD5PduTz6zZK9QA0aAYMuoHoyOh1nDQWTFkp9g5
+3mPKHAvgiNAH38a9lqSTyGYC/EVjWjw3jM47P7l6c8uxdwRwqDVDlHJrzbdh3p6J
+014oQ2MTmSpqqUW/6MpQgtnC6aqySKzJCiYF9dbqHmOE9DjOi0AfQ2W+U2afvVCp
+FgSFgV+zTE/bxnXkaY8er1lwUNkUPQWr4+z3Zh9q2SSnTar2yYsnmVQn+TWsKA2o
+oNPY0hDaXCX1zAE41Lj7Lf/gJb+Au3w/w/iQRg0oef66EU0XeyGOHahj6vgFxoEk
+e5WB6gL9sxsZ7xrqUHnov3TA8S1ZzkWYjbjpCjv+Mv+kflP7AoIBAQDOWn28sKvR
+X0NWVP8Rb1PrESRe4wCYjE+gU/Jmey6Ez0KF+Zep05EVI6axPZtbHPA6MCrS8IWG
++S9Tdk4ZX+1czQdewAlUNbL79qElknkrCZeeLz5fhIYtCTwaobKV7O9V/qq90EOR
+TJdPiZKdU3Z7ui2IGAFJuxthxsBK2zMTK7laOoenSC765kSuVq6nc+zAGNDFI9Bp
+/ocVSdcJQHUgsYxn3/jb5KirliQuvcxFIFHloU2tXCdC1SUkdl+/5ym0iGNdlCGh
+uQsr9MBEjHBnOsQ2YqMenSm2etVuGmwMJSN4TkpuqjFx0prLWkT+1RVQeUXNnVNu
+j5YeEpr6hEk/AoIBAQDHf1zHRj57IhqygRfc5rvuWwWFX6izDAF+KN7pCvni52oW
+Ukv5UYO5ct/OrmQA1b4QlUSHzjuwrwQeYJtVNAeoyOrBagvgACxduRw7A6VlIvMl
+175c25rJzmJJ6UK2QeRwib1LucTPloRspuBPpk/l+w3bOE4y9ny5NYZfoREDb5eT
+Y2y0ZHku19NH42D6hqwLCAEHIgwlxmc1VhOBmqhSmuW4T4FN8aqlXvX32KtY7GOy
+9Hkp8h20SIi7/IjH+E79kpQUUh8eFAQqNuPOOVT0i4lDQLftKkFWFhp+gjEcaJv2
+R6tUqc9oZ/v8cWrZmPIM5Q9N2Xp9hcSZZma7WqaLAoIBAEk0zTqtqqbilu7/xGWZ
+CzpvoGmROtrjnDQS1AILXVt8c+s3uthi2CuZtD9Yzc6rG4ZpJCglcBmMOX/wjpBt
++bVcf2rb0fNwAYll25GKvzXHd2SE+inEyB0eE5aXGtYZcmcdq9EfG3lmpJ9w/PSX
+cYc/a3vGmF5h5LrxWbK0xQ/eCSm7bfiooRIdsuvukJOTisAzjY0CwaN4ys+AnKsJ
+lQP+OQN4776DBlupLjju2JMFfkhqyzXfZYZOO5kN7bYU+jSz1hySusO29AGqGLO4
+5v+YV5e7sobf1raIKUOgWAiO/GBn1fwgoN3yizvtUGDfk2ozO9JQKBMnGWidzSFm
+4N0CggEBALLPDQCol67RBsDxPzYDVn3g2nLGYqrr0UP9Qd/MoY+IsPv3VNbjo8qF
+JyskoycIRk7M+GAd5dgmboi3uZomoUIoy2nUFaMq6I6JfMfYKggy6yfYS/WK2XnV
+2yaSQEAlUCLf3GPk4OFkisqQuvnSg5GJlYlraG+w4kwNxKije5l6pqVf5op8/Qu7
+tBQfPd4pDLBq2NRJUqMTper4H3o6N66i0cUv4yzhi832RET38ieCDSJyC9ivtDfD
+HA3f3s5KQMBz3DE5/PelAeO989UVZ4FR5azdSznaykbKbDO5b6GngjcCFGV/jdST
+lOZIsIthM9vRTfPNs6cuapFulsL0qWM=
+-----END PRIVATE KEY-----
diff --git a/src/BenchmarksApps/TLS/HttpSys/testCert.pfx b/src/BenchmarksApps/TLS/HttpSys/testCert.pfx
index e03e6d5395f04b195385b112eed4ec73b097d07d..a0da01e6baae2b2a34dd2948e5a303feb53a90ee 100644
GIT binary patch
literal 3699
zcmai%Ra6uV*M*s3NQVJLLb_9MhVGUwY3T+DDZv>eWT>G_X#r`FMmmI{M4AEVl4cM=
zkdpZP*8i{fz5FiDI&1HJaqjkd4ipLT1OjlONC*c$5pSeg<T(j|0FaM_P=Sz;`+sc+
z6iFEHZ-k$ZBy{_0IRgPWf0xa_2>@#SkH8~=>O*1wN-&fiM3%O4#V*EDp5y1@KacD<
zkN^S+aiCy)!vDJpB*MdiGT;;0M5+NCaX|oH5Lt8YEo!L=<M_(|f}1wU{^kvm;3!+o
zDXEjbv7Y*2=Z^D%7G&I=>C_oh1}0gX{kb>EXM5g%kJ7*cH8(-jIQsravs2&??>v{_
zENOFL-PdCSwL6$xKV>$gMpB`&i_tGxBQ%TK<%YN!HA)8^JF4zb<I}K4t6Nyi2t@CY
z8f}hKn*ZJiY381LS=syHQ#Q=cQPngu|3V{*>sFq>blIy!DNZ0MzpMT+c)t=EZ$u*`
z%FTCP^;k~T!K3AoI%h*zu)&~D9CdQhxq5mP$=#RR5)tVPbDO=2mAuHWPg@D<wfHP&
zwHYJ6?g2q*OeU`d+%1eqGYeB=#Fq@w*Y)wga~=b2PnHO2UJ3tzO^)+Hgt{S;<C+rR
z8ZKLYnhr=-_c4v|j}6^r;&urW-{{`}Wp}f1dR{<RC^}j9L!xJ&{!X2ze|}jI;PQrc
zm;AA7UR@i@D=kYZ+UuYbLd9uW7l)y!<tHYLb0vzp1;oTLIU~^{Pe5J@U30MwGB$Ue
ziI@}8_E70#c%LjS-hog|Li#TPg?^~XGQl8ID=%R}uK9OpDyxW+jGK9R-aXEpmqhS(
z_6b9oMWrOM&(;GyV6d%YQwYD&i$SRi{zKC^<_%}XjachV<nh;B-4FH}esJewIwvbB
zYU**l`sY~0gAl96En=Q0w;R<yQ67N7u4iAw9!Fxx-8p^oveWOOH>j5jXX&m4omYfi
zaB3i&K+gO!;i>Ub7ceBKo|cfo>f$$PGOg5L^1E*piZDE0;eui~t(~N#3B+mcc%#Rq
z{;h87G1moNra61#srzW_;aa%!r>Tu%#M5M(2Q!J$ebJ8IyRfKQ_uDA-hy~rLq7ca|
zl!UWZH5i`Rg_g~l^iqBGxxWeFeaU>d#YKRX50Ra?IASbK`e^LR$D3&8Bh$vr&w|;#
zi_hGm%;=c#OGY{47}M*67<!FCaUZW^jl3lQxUkc8SHCmuiSB6k%WVAolNEw#A(pEP
zQuP>baUC+Wby(vydX*Ee2FE>ho;mp08*2NbeR7B2Mvc}#I+>XUUOIiSXy(sOov6(@
z7=@QZKPRpr)h@$<Dr0En$v4QA?8$;Up7qwBruc)&0-1DT^9`}4cY4%b!#UrwMI)$g
zH!F+H>MtBrZ)*LhnR-Cq{ab3(hDIM<%Z#K5zP-49>vFuHDX&{AbjPvwx?GolUVxGH
zFg_^m2tH0OejZmrCb_WWFrLb5EUx|$Tu<qZk*OLI^}~)Dhp#$BF`vgMj?&NeUU0N`
zn3koaR8;COU~c5n4z!cgA4!%wvPXxj>^!^rWz>*5t=6*W=X^gY^y2!GY*+Dh3+oC$
zI+t=xko3UKa9?zzg{e5XUK#uBbbYvVD;L#A2r6Wi7#nA~Hvn3Ov(v}ICQ$ZGA9(4~
zq7x8KcepwlR+pk_{fPT+Ytnuysx3c|f0+6*S7^whrOd9g`Iu2WQgfJZGWm~jXPssI
zSyLh?(3JS9ex}E(Z(iUD%N_UNNvJ}*xK&U961XGd@ak6NXRd^CW_{@k-O5KgmKi_-
zp)=k;pAE4$!FA2!yVFf{V9Bu&K^%slXUqVpmBL9roG5@6FzsDwj%BhU8XjdFck+kz
z&-xFpYTqnxKFwr)wG4g_IvZEcl}FsCq@d-HFF#4z!*9c-^{zuS$E5^#I_&#4J>iE^
zN*Rr>wYhXKlp564_sc>XoAAFAs|mhaK3mkMuPrAaXlKOTX}sQ05Fp8U=dt}8rETgL
zwjVpJQ`z`4VYNW%;><Cwhgz@MR%gCn;YJ^8?ns}cNWG|$n!Q2{*%=-^%-0Xdwti10
z-v$2l`{COp{vTM{SMsY+)snIDu%I%7*DhwwH!R;j3RlLu6&8#?rYCVvH}1ykG+88-
zXZY5)x4=7Tsd_52?F^IHf_u`Fg_!S0bm_y{sEaB&Vl9hhd~~vsvGjoqloViAh&ef4
zOBx(Rv|_WZtQS<0Mnq{eKo3!~J4TCuv-LjQV1b4n<ziE_wpNEV#%TyYuIYze3bckM
zIVLT^vG3;4V>g@Kw8gq2nD7|0qDCC_)%DJuL|;cwooxA*$fSQC6C8?A3n=>%7Q8xL
zEt05K;vP?_;=?d?w#ERiDDvR?f*v2m&73VXJdrwOTlDIW5@q=92sfIvA;)Tov589Z
zu=70>z3=Y~0k);YR3^Sg#PWV!Z&Gf$E!IS#6~e<Zj`-u5R042|>fcUXgq%&Z(A`U@
zuv?^YIqr_%PO*^WEZ=R|oT+?f2Q|O8xTGWOq^OKai%k`Wo)HVWY{V%twPQUgB2y%%
z<`36)^Np;uq)nwy4Fb(OhQ!<QBty|e`!96SN~WxU6mM(ukO$q_BV$G>_L~yHyuW4*
zfQv<d{D)7<-wy#J*;&7fEQem@QaW44KQqRAKK9cqdR5rc<}9MFdu~*W{r&J034^7l
z?8l^=H947DyWf1zk1M%f3^A2ev??u0`PHq5cmvcU*k>qy{fZ{Bq4d4W{@x`HzE}h$
zWn9LM+(-1A?OS`kp=*7g?*ENV%DN#f$M|I5Jo%ApxVK4Yg7p&g(03(|YlzoJ^Uc$D
zs^^I@q@_Bf+^7wSUs{8?Rby7J>TR1_KM#tjmx4e!GORGLql3F86{mnoi_;bbx#l{o
z@2$PygElkEmTVmT2Qhr55uST<Lzx@dG<~*qi5dw0mJ`Z(s_-Iq^48F1ba?lOuJ;$J
zSxh1ni5K?|NBkE|@Pa@{Jj7qy@9%iy-}`@N0TTm&e?y7CrpW&Sk%S_f-~%DH>5+m>
z3z<uV<^Kc`qXY;93x&wl@<ms?sh~OmAwd(BL>X{RB=pE#Aoy6P1LA3;9uOjsKvn-?
zfs&^2(l7t~Z8(L7JQi}>?*<377<{y9ay|cK=e@FQrO(FWJgXA%<aTtp7~`uge_>Zf
zOS0~s$SPqVMgsUmP7zOl=}c;X)+ulKkBpH!ESG<d@2%<_@e*<q-94)@V?n88r@Q89
zRx*1n?l^3RYxEy8@fWJC%h#pne=v2AV-{{V`I3={jj<%OIW6B7$Eu`<zKk3+2jf&I
z)&_HGxrByQWj^O;Dd8fQiuglGX?l<I9g~QM=dYbuM-w4E>RpqUb^TO^^mm%I+dgsl
z-zp>PdkH)|;=^EZMXq<qfsQ*+enXqr5vF!JPKR5lDh*|v^WD_Eqc-fJX(cg_A(u5w
z4#s0*uTWZW3rKPvPVbcfwJR%Nt=?=cKbJwshNMr=tC(a`!ft$wK(H`>&Q6`wMZyPF
z7*S){Kj1p$xrSmh4Yu@<W2)ccrS>kV3^Ok$54{wN{U<~47K^C!U$w7al<YD%Xa$)O
z6?`{H$m{UyKL30|F4toJAwe$K4ny~DQM0(nZA}eDx^SQRDVzs?>1jY|f8fzmMn#Q=
z!oby;l7V&HoI(DLLtYVMd_|lgsnALFtdj8#?P}&OC4<$8>Is76Tb_f~$NJs9uLc4m
z!X58J{KZn;uG{E7)r1pYUnK*jakq5{kM*9*1t56XvjT#6aOy1j$Inkx9H*OcGucc$
z3=0>{>RkTl8+LyED8<K<$nnWB#?e5y0i`Z;G`Bb3(?QKcqatQukg951&^Q$M9RgQr
zo0(f3sNv-q$CSl4Pw|NG5ZUo4>|M#(JbI!%DqCptLe-JMYSgueFwe4Jakq9oobE(A
zY^3JpuY_uSaRvEm%&PW2)t@b&%n`wM%K5>;WUX5bUwzieXRLzTV;tl$P~Y<GOE}3|
z$jV0wE#7FBr0p@5mmX>^3o6`ADPRwNf$J3zLEmYno)n;jpX>1z88Ebq5k}v>?+RmP
zP;JbhLA2XeB(uFew7+Z(eSfN2<SD<<Dtge~GZ`AZcj>|9UD{iKqgLN*tzwr<c*(5M
zF+WD;pg~H*PB~#*fI>+2s4ek5nDLz_av?SqHjllxG)mN^6`mEf3jd@wnTL&ZEHj=w
zeeSRKVz1gSg3Aq)s5abw#R2q^=B*g5#kpj=BlbV6L^v5#A-&0ZwCoU-6cjZLSN!de
zr^dt;wnyn2HfC*4G;RXBM)Q5qeC@GIQ*0W>dvjY(n^~A3Zi>R7q=NO=oF!!vN**y6
zAmw5;1xwhg{MQm1XH`4Ko)t2DfjtfsZnBNJ+WWBC=Z&L;q^%G>+Uc5;5L^4rJwZJz
z%7azUlknr#8O@i7<(ZibaSmC-e4itmAq~jfZIgUFuV8w;g$cm^n9!Gv>Amuwa*}GW
zNLcr(l4RYWg>E*npC2CM)FY0gu?&Z-v1*y&v6vwG(+4u-7qh7TjzAM^eBMI|6OS5V
zCOX{Y8q=9&54r`c)~=Nt!F?K$rpC?>q|b~v8ukaZxF{edq;~{g$h7uF+iVv6v(2WP
zBFAO2ZWfZ=glI<Y0y8)%S}iJ*-t{KoaELZn!HS=k;i7yGof3S$=>)qU61=htP_-Xi
zb6%`b3=fre@~W4BaX{JrDOw^*7!~LNR+Tjik<2X^IU_aY!uWG1*HWSjssM#SN&b1$
zfB-xk5c3QEJQfkhfSDcHrbfhaxxPyk2+u`jyb;PTkej3mBLopjg>dipXBx!)w`%_b
D4eZW{

literal 4045
zcmY+GXD}R$x5o8ec6AXEb=9?^#}d6utlp!9AVP@fEXxw2_g<nUI&YNdHF^ob>LrM>
z(OG@3cjn&vzxTtLGxI!i&bQ|`4+KFyh=+?0K~TpLk@APDhhr#liE;B0)WHM@>VSLM
z2ZA81{*OhJk08vym$LD2aqd^je;i!MLn5;O{y>3C1fe1z!9d+EC>)(5@bE}*f)Rv{
zhPL}DN(n>}TzvJ#o#)E_-l?~z({yD5VKjo=)HU^+G(VQfx5iZylmN=2$wo50{O6IB
zlH&~>zc#V6W!lV=ygV()Z=MS*9O1pgVQ+-Nk9WEx6J(?X{(cwLC1l9$u45m1P`?xH
z>tdI>(JbgB_$5C+2w90_l5O9qDdTY6lia_Eu(feS1sc6W5INFziS<3mQt_d3P`X(w
z8VC-q6yRV<FEVB<m6UJ-T^?41lt`vyU299T{uv|-)X&|(`K$IBS^UV3#jRH-Uo>VS
zIe@c{Y3F#@&AIY7I^b;&w$Y}jfaY@bcJ>)l1&M`zBzyrON@Xv<b!764AUps)+dI`~
zlJdQfP;~mZW|m-&)D~J3)G}kjWH74umB*1Km~)uKw*@0%%f(1*Y}_v}Zg>^|^uPm1
z^cUk7+a&P%mw$Y}e=hKh%}3s2HEuF(;eEo*3vysy<|(_LhqdM(eN4{l^=_IQZqdH{
zehJxw9HTAU=v(tIC9n5h*`)GCW7UWmY)ECes(a|&UZALoA8UyYoYFTQ>(t$jz9j<G
zQl3<fVrQ~VFy1GV<iJR|++z|-G`}oULsEs(t?`k}3w~lzy<)G3Wnn_*1OOwPQst#L
zS?BT-)9T`hcA>KK$<DYCj@CX|A`|7)I<1TGNM2IXrb`nX#vr*rnWtJA&#zx{Qe>Dt
z#DqbcO|uy%Spg;4hcQ_B?dYBp02AvLaY?<9mwki~iDByt*&2Aez+Pbs7Xg#wu97Q$
zLLhLg8HC%HV<g7}dR+Dmyv<?$QmfSdNSjWiGckxC*W@pmb#yOYszBuz3xMFE*k<Ey
z6jkKcYmI~STl5h!1wwh|I^dRo$fLToga&HAQ-iH36yO1Vil#k9z8`UfXwWMvJd~qJ
zp>2Q6m*-HWp0)&d_@;|*gtMMR(pJZu<9*CuV*DGs$ff1CFpW;HB?G1=yO9yA44}rG
z$qBZJL$^S9mmyxcsx>~)cHA(IAP$f_m=vInUjqJ?3O8xW`)hXAi(Sun#%&$cM_CrM
z8fPsd7$IdafqJ=zh3ff*PXhC*t9H0+fG;Lp-jKX_G8qwftpx9W#<otw#u*s@b&Z>v
zP;ustnDsI_zHNfi$JZh@=+$Yef1N8Py>ws_KsF_x-v#Zst;;+V>z2`BZ#=1t4;J9X
zwhp~klLD2l3V!wDO)<h3@U$4|iywmHXGt3!6FxdBl;xP?e5`H8Rl}9%va%!tRSxEp
zG|?a4QHQUmm{P0++ziZi2ezWw_ojS2icmtTjZHj2%K07#d#G`le<d&D;cb|EuP1Ej
zO0|*l(S?$R1LNDxBl=M{SM8Z@!x1a6(Ae+=ce;`%o2Co_wG#x~o7!8`5mkKyZuFiJ
zce(`?t8m*{dW-zY+6q{<K57Uo@l4+_mn=P<YpsMBLx$PRs|jXQg9sO2>sZ*dS#bAZ
z2x{zyK<%hknC$d&$(pCG#qk%fxV#Kv^DL&lYcCKh<jl4!8+}DGq5f>D+pyWL@CAgS
z@>i1rmtU_lZc1@7<$wryt@tHdFcBhaQfmMr>h@FE@Hob~tG*J?eU0kLt4~nx9N2nh
z3~|taYwN|MLcVe@z38g-C~kcgLCppnwW*zJPo~DFN`=Wc4Mi7Pv`=GD2n)%%NbO8T
zc-N2B1V-=y<PyHhI0&-2mX<}%TM`cZ5FnYej<h}q7H9OXX1^1lUeR)}Z{^LHl7_Tv
zR^`lYn=5pmT02B*yk`n~SgyuhrEFjqhR@KEip4m(cvUXAE&A|6JL!m_ru=XV%J>7G
zF>GN(8t5vdD%x(*Xg+F3d^fODx1i{lC<^t%&Jcni?fO4p&PR~e5g<sb?&Y%kDIp^N
zA54?s;@z9B_oDOvqc{G)^bSvRAnMJL75|ss_vh*cni{(=1|&dYO)r7x7f@wsvouoi
zh~VW=d)%WsZQPg#Qe3B6X|mJr*TR+xW&2C3cgsHh@IosZS1ZyIc*J&Cc|8@AX}rAJ
zRDYBxUvfO_x<wIa@z@zJmNt~x_4V7J?cNSQbs3ipaA(@@*?dM(?&&*U$$-4oF6k_V
z&a)IBLrl*qUT9OpW|XGDjFICLWJy?3srSgCf0Jc{6a#e3PV#BU0$Zv-*zd5wW%)#r
zl!;@zFO6^(BVFF}L`~Vt7fk-i-+5N4XVazuS=}U%s%>&RdngPsFi09bZX>&+_1h9#
zR!ogk0(2YOj<b@A-{*&`F!Y9%*z9U52smlmC-bgv(QJGz;7MQuVLGnYFXKGdD!Tri
zkXWBVm=9r&w1wD?@nmD83Oi?iE@6|IxAgL#2A4DV7f;{;+xl==W&uz-%0GMBIW_*$
z5E<i?Zd{UV6{6~V-aJ{jo8@Qn=n_q*0~bnF+b%X#VM<K$=X0%@Q~r2Ctn20};OlsD
z<$dvtT}6*ecs-NfWyNHTMJ3A7IK^~?5Qsle?>juWDOLJBk@<k42-EU`hp)R11Vb*n
zY~nUK<X42C1vywS!~P<NDKZ=7&)1_xT5=?Msuwzm;m@z|R=#h98Rg+pKTI0ileE_{
z1(A|3;h7!R1UdT!W-@uu?4_@?(YP9Ij0W|O%r27jR$jPOdK&Cm?Ge>TJ&ecebkE)F
zZ}K;i)~?&E4ty6tQ{?VmY-ft|Nuf4S5SD1GI;M_SKTIt-w;TdoI*V|(Zt=aC{C=>u
z+3C6P5|M1{T}4+Q77{!%-_-`zp3%!vB`!zY?SxfMd@|YxUOVaiHPi*ZrBA9Ezl>zO
z%*~-@-ISH$m2amyiDKWX@t@f-(F`vcnr%#p6nX{8F!*Se3f3uxp0NcLc^Ei{eK-tC
z8V9e;^xU>j&0Ry0N4scQ7G#^s%%wU|mh6gx<V;D50=qOXVwC8YSgR{8mZ!Yy38m_?
zkbPtI2|tcD>8?phg?D93dA%pip_68Pjr5OIxkJK-NK$vy_h`G;c*-1+#9b!L$VZ58
zJ<T7z*y72}DU9PWoFVH+mztlp<0;3M`5`;iagaOcW%o0FG~eNXy>0-^`yEMw38lm0
zSfO_o)cR*j{K{6W!}kEe+qJNoyl@7zXiFShZ_z))p#t==y2HtHxG@t}W0UP?wH-4k
z$~cyQ{Rh*E24%VK-k%w5UCnLbZqJjdck-UX!i+gJS#4tkL+ZVq%(IR}wJX+vrzC<D
z;G<9tD*1VEl`)km?WsEGcnYsG%koU2v<cdV=1eF+bH`@Y^oqP2T{YwqEGgywTyHv!
zpCj>I_6wKRxL44-r@NRcQ0#dgc})%#^Vke6G;CabXnsw)sMxklaYz}Pjr`lfMws$b
zgL9*P(``H16~N)g<1oj-gR~3Ac{%?RISpTQacS26R4b#yn!nLg<s?7Ae{DpSUv;Ej
zeL(QlxU76i2{Doskom!_t9ALW?wWxIr<>5#PW=(>uDK@jIK)M`oD1f&?d(2d)o=7B
z3s$rG=7;Fm{Nr_?*Tz(b5+Ruw$?T{Y@s`2aH$KyGQMtw<{lJsCU<cS5B@(C5^IQI0
z&%AXndi0iKBaC0-pTzKAg2N#|ahS{v*T6C^OBVN9MyH?^rr8B{L2uwSN*a+wznE!!
zX3=cBpAHUyInZroMG{bt%P%EC9*<Oo?+gy=66r-Kd}#xk9CxFtR}l5p;ZYS6zl^Cx
zR&r|vThipBaF7TJrgKBCTP{>*A}4=KCiFN`PmbrhU3b7#B}d~2z0=aD*b9o77&PIE
zf$9(-^LvxtSI$4gmo{MX87=L6(JIdkeFjPmaHEO%HyqqAb<2#+I-DLRleGpHJ-uyP
zyzF;|Ai!_X?Lr1>+%o<f-t5)ZMYNR({O~1knySPno6b5Gqpu^&fu2`uYI@(R{|0}}
z^{$&1?MsWw1&zd~`7=@<8qJh=mtUQ4u0Xw_D>^z-GoDae=0B>1CGrwc{h`geLy=(|
zupWgO1ZwL(q?2N%1v};z0@24>p9c%`0Kf)Xo6qvic9+?1k|$*RfrWT>x*_zTgE>6Y
z%EqXlZE?LDJQ7u(!v^e6*T0q!bfY@Bz?Od5AB?|E^h-2smQ!u*><=BrXx28)tqXNb
z);1hJ$Cfa2!8D>}fcqe8BWr~fKwv!6KjcJrE>Y@fvh(zNTtZkla9$?=FuiUel=;wA
zXJsJzP=X-xqqQQQKd4GoL#9HH{dXI11sfm~QW?$=gSOi5en)P(xu7V|GmqC#RedmZ
zcRF?8QMQj7ew;Z#0Ggcqun#QVUW;f4qN;fi5|{Q$_|#u{mkdx$CwuGbmAO|I$V7sJ
zURu@~BS_GuH_saCk1#8%LI&T|NL0DRlA@f`=5@p{u>`;3_XpX?&!)M=N)k#;>jIEg
zVMOwVV?Vy(cKNZmepxZTYW(L%1?=N@>H@Z&w_leNlRM_K9jpdU=~5V%bftR&cPpBO
zan5@p2<7IHaW0Avl~xa)x%9{>dphO6U2H=y0FGvbsl_$~H-LN1XXNOK(MM7#twYi$
z7*%2462thohyWYQ*#_-Eb>>WjX8Ofo7d7+qAr#Gi&8jK!m?(!*Keyks-oWKN?Rm(J
z$<3Kc`}syFSdY>$d<{LgAlCP4ks|W1;>qx;&!@A9%b#nZW4~_%+7v3_`GFtJVg3w$
zLfUQsMF!k+@I+m)gXQnO#u3ngOr&&TwJ^+H>YsJH>w`Hi$F5mo^?24!=!t0wCu)?=
zul`-+3el@8#tPV~FZ{~*sQ+aV%otH>W{!8-koie?42KiARF?IC{HZ-!rAQ$ITY$f<
zm#AmvKKBUs!=+yiUlDcmBW%%#MDH)Mu9LH{-`lMAQt?b~r`daQ%I8R~f}ZCjrnA^U
z+~l5InVG`}yD$<rmBX@~oNOO}XEYjh`B0z7g3Roc7o0p$HgcbwEI^MOiJ0mv9e3ua
zDhHAV&}YdeuN+pivHKQT<hD@nf36u!%R<r;;nO$v1=HYFc+>K0s?bRM>DA`pmf6a1
zDtB%MYfs#YocWAYZ4hzi6P87*A4SWBqx39s{Jf(R&x?C?l?3$`y;&C;Pn^vintg5I
zUYN!wh~Ze*SL`C(5YGQ?XQcEZ3<Pw}ywA!?u{Sh1$J(8L^nl_0iMGrT5ePekl!#D(
t3LozQAr1lE6W#UKOCTt@KigwXn?pk{oIb1jmX=R;Di4g%#Q(RY{TIa_xdi|K

diff --git a/src/BenchmarksApps/TLS/Kestrel/testCert.pfx b/src/BenchmarksApps/TLS/Kestrel/testCert.pfx
index e03e6d5395f04b195385b112eed4ec73b097d07d..a0da01e6baae2b2a34dd2948e5a303feb53a90ee 100644
GIT binary patch
literal 3699
zcmai%Ra6uV*M*s3NQVJLLb_9MhVGUwY3T+DDZv>eWT>G_X#r`FMmmI{M4AEVl4cM=
zkdpZP*8i{fz5FiDI&1HJaqjkd4ipLT1OjlONC*c$5pSeg<T(j|0FaM_P=Sz;`+sc+
z6iFEHZ-k$ZBy{_0IRgPWf0xa_2>@#SkH8~=>O*1wN-&fiM3%O4#V*EDp5y1@KacD<
zkN^S+aiCy)!vDJpB*MdiGT;;0M5+NCaX|oH5Lt8YEo!L=<M_(|f}1wU{^kvm;3!+o
zDXEjbv7Y*2=Z^D%7G&I=>C_oh1}0gX{kb>EXM5g%kJ7*cH8(-jIQsravs2&??>v{_
zENOFL-PdCSwL6$xKV>$gMpB`&i_tGxBQ%TK<%YN!HA)8^JF4zb<I}K4t6Nyi2t@CY
z8f}hKn*ZJiY381LS=syHQ#Q=cQPngu|3V{*>sFq>blIy!DNZ0MzpMT+c)t=EZ$u*`
z%FTCP^;k~T!K3AoI%h*zu)&~D9CdQhxq5mP$=#RR5)tVPbDO=2mAuHWPg@D<wfHP&
zwHYJ6?g2q*OeU`d+%1eqGYeB=#Fq@w*Y)wga~=b2PnHO2UJ3tzO^)+Hgt{S;<C+rR
z8ZKLYnhr=-_c4v|j}6^r;&urW-{{`}Wp}f1dR{<RC^}j9L!xJ&{!X2ze|}jI;PQrc
zm;AA7UR@i@D=kYZ+UuYbLd9uW7l)y!<tHYLb0vzp1;oTLIU~^{Pe5J@U30MwGB$Ue
ziI@}8_E70#c%LjS-hog|Li#TPg?^~XGQl8ID=%R}uK9OpDyxW+jGK9R-aXEpmqhS(
z_6b9oMWrOM&(;GyV6d%YQwYD&i$SRi{zKC^<_%}XjachV<nh;B-4FH}esJewIwvbB
zYU**l`sY~0gAl96En=Q0w;R<yQ67N7u4iAw9!Fxx-8p^oveWOOH>j5jXX&m4omYfi
zaB3i&K+gO!;i>Ub7ceBKo|cfo>f$$PGOg5L^1E*piZDE0;eui~t(~N#3B+mcc%#Rq
z{;h87G1moNra61#srzW_;aa%!r>Tu%#M5M(2Q!J$ebJ8IyRfKQ_uDA-hy~rLq7ca|
zl!UWZH5i`Rg_g~l^iqBGxxWeFeaU>d#YKRX50Ra?IASbK`e^LR$D3&8Bh$vr&w|;#
zi_hGm%;=c#OGY{47}M*67<!FCaUZW^jl3lQxUkc8SHCmuiSB6k%WVAolNEw#A(pEP
zQuP>baUC+Wby(vydX*Ee2FE>ho;mp08*2NbeR7B2Mvc}#I+>XUUOIiSXy(sOov6(@
z7=@QZKPRpr)h@$<Dr0En$v4QA?8$;Up7qwBruc)&0-1DT^9`}4cY4%b!#UrwMI)$g
zH!F+H>MtBrZ)*LhnR-Cq{ab3(hDIM<%Z#K5zP-49>vFuHDX&{AbjPvwx?GolUVxGH
zFg_^m2tH0OejZmrCb_WWFrLb5EUx|$Tu<qZk*OLI^}~)Dhp#$BF`vgMj?&NeUU0N`
zn3koaR8;COU~c5n4z!cgA4!%wvPXxj>^!^rWz>*5t=6*W=X^gY^y2!GY*+Dh3+oC$
zI+t=xko3UKa9?zzg{e5XUK#uBbbYvVD;L#A2r6Wi7#nA~Hvn3Ov(v}ICQ$ZGA9(4~
zq7x8KcepwlR+pk_{fPT+Ytnuysx3c|f0+6*S7^whrOd9g`Iu2WQgfJZGWm~jXPssI
zSyLh?(3JS9ex}E(Z(iUD%N_UNNvJ}*xK&U961XGd@ak6NXRd^CW_{@k-O5KgmKi_-
zp)=k;pAE4$!FA2!yVFf{V9Bu&K^%slXUqVpmBL9roG5@6FzsDwj%BhU8XjdFck+kz
z&-xFpYTqnxKFwr)wG4g_IvZEcl}FsCq@d-HFF#4z!*9c-^{zuS$E5^#I_&#4J>iE^
zN*Rr>wYhXKlp564_sc>XoAAFAs|mhaK3mkMuPrAaXlKOTX}sQ05Fp8U=dt}8rETgL
zwjVpJQ`z`4VYNW%;><Cwhgz@MR%gCn;YJ^8?ns}cNWG|$n!Q2{*%=-^%-0Xdwti10
z-v$2l`{COp{vTM{SMsY+)snIDu%I%7*DhwwH!R;j3RlLu6&8#?rYCVvH}1ykG+88-
zXZY5)x4=7Tsd_52?F^IHf_u`Fg_!S0bm_y{sEaB&Vl9hhd~~vsvGjoqloViAh&ef4
zOBx(Rv|_WZtQS<0Mnq{eKo3!~J4TCuv-LjQV1b4n<ziE_wpNEV#%TyYuIYze3bckM
zIVLT^vG3;4V>g@Kw8gq2nD7|0qDCC_)%DJuL|;cwooxA*$fSQC6C8?A3n=>%7Q8xL
zEt05K;vP?_;=?d?w#ERiDDvR?f*v2m&73VXJdrwOTlDIW5@q=92sfIvA;)Tov589Z
zu=70>z3=Y~0k);YR3^Sg#PWV!Z&Gf$E!IS#6~e<Zj`-u5R042|>fcUXgq%&Z(A`U@
zuv?^YIqr_%PO*^WEZ=R|oT+?f2Q|O8xTGWOq^OKai%k`Wo)HVWY{V%twPQUgB2y%%
z<`36)^Np;uq)nwy4Fb(OhQ!<QBty|e`!96SN~WxU6mM(ukO$q_BV$G>_L~yHyuW4*
zfQv<d{D)7<-wy#J*;&7fEQem@QaW44KQqRAKK9cqdR5rc<}9MFdu~*W{r&J034^7l
z?8l^=H947DyWf1zk1M%f3^A2ev??u0`PHq5cmvcU*k>qy{fZ{Bq4d4W{@x`HzE}h$
zWn9LM+(-1A?OS`kp=*7g?*ENV%DN#f$M|I5Jo%ApxVK4Yg7p&g(03(|YlzoJ^Uc$D
zs^^I@q@_Bf+^7wSUs{8?Rby7J>TR1_KM#tjmx4e!GORGLql3F86{mnoi_;bbx#l{o
z@2$PygElkEmTVmT2Qhr55uST<Lzx@dG<~*qi5dw0mJ`Z(s_-Iq^48F1ba?lOuJ;$J
zSxh1ni5K?|NBkE|@Pa@{Jj7qy@9%iy-}`@N0TTm&e?y7CrpW&Sk%S_f-~%DH>5+m>
z3z<uV<^Kc`qXY;93x&wl@<ms?sh~OmAwd(BL>X{RB=pE#Aoy6P1LA3;9uOjsKvn-?
zfs&^2(l7t~Z8(L7JQi}>?*<377<{y9ay|cK=e@FQrO(FWJgXA%<aTtp7~`uge_>Zf
zOS0~s$SPqVMgsUmP7zOl=}c;X)+ulKkBpH!ESG<d@2%<_@e*<q-94)@V?n88r@Q89
zRx*1n?l^3RYxEy8@fWJC%h#pne=v2AV-{{V`I3={jj<%OIW6B7$Eu`<zKk3+2jf&I
z)&_HGxrByQWj^O;Dd8fQiuglGX?l<I9g~QM=dYbuM-w4E>RpqUb^TO^^mm%I+dgsl
z-zp>PdkH)|;=^EZMXq<qfsQ*+enXqr5vF!JPKR5lDh*|v^WD_Eqc-fJX(cg_A(u5w
z4#s0*uTWZW3rKPvPVbcfwJR%Nt=?=cKbJwshNMr=tC(a`!ft$wK(H`>&Q6`wMZyPF
z7*S){Kj1p$xrSmh4Yu@<W2)ccrS>kV3^Ok$54{wN{U<~47K^C!U$w7al<YD%Xa$)O
z6?`{H$m{UyKL30|F4toJAwe$K4ny~DQM0(nZA}eDx^SQRDVzs?>1jY|f8fzmMn#Q=
z!oby;l7V&HoI(DLLtYVMd_|lgsnALFtdj8#?P}&OC4<$8>Is76Tb_f~$NJs9uLc4m
z!X58J{KZn;uG{E7)r1pYUnK*jakq5{kM*9*1t56XvjT#6aOy1j$Inkx9H*OcGucc$
z3=0>{>RkTl8+LyED8<K<$nnWB#?e5y0i`Z;G`Bb3(?QKcqatQukg951&^Q$M9RgQr
zo0(f3sNv-q$CSl4Pw|NG5ZUo4>|M#(JbI!%DqCptLe-JMYSgueFwe4Jakq9oobE(A
zY^3JpuY_uSaRvEm%&PW2)t@b&%n`wM%K5>;WUX5bUwzieXRLzTV;tl$P~Y<GOE}3|
z$jV0wE#7FBr0p@5mmX>^3o6`ADPRwNf$J3zLEmYno)n;jpX>1z88Ebq5k}v>?+RmP
zP;JbhLA2XeB(uFew7+Z(eSfN2<SD<<Dtge~GZ`AZcj>|9UD{iKqgLN*tzwr<c*(5M
zF+WD;pg~H*PB~#*fI>+2s4ek5nDLz_av?SqHjllxG)mN^6`mEf3jd@wnTL&ZEHj=w
zeeSRKVz1gSg3Aq)s5abw#R2q^=B*g5#kpj=BlbV6L^v5#A-&0ZwCoU-6cjZLSN!de
zr^dt;wnyn2HfC*4G;RXBM)Q5qeC@GIQ*0W>dvjY(n^~A3Zi>R7q=NO=oF!!vN**y6
zAmw5;1xwhg{MQm1XH`4Ko)t2DfjtfsZnBNJ+WWBC=Z&L;q^%G>+Uc5;5L^4rJwZJz
z%7azUlknr#8O@i7<(ZibaSmC-e4itmAq~jfZIgUFuV8w;g$cm^n9!Gv>Amuwa*}GW
zNLcr(l4RYWg>E*npC2CM)FY0gu?&Z-v1*y&v6vwG(+4u-7qh7TjzAM^eBMI|6OS5V
zCOX{Y8q=9&54r`c)~=Nt!F?K$rpC?>q|b~v8ukaZxF{edq;~{g$h7uF+iVv6v(2WP
zBFAO2ZWfZ=glI<Y0y8)%S}iJ*-t{KoaELZn!HS=k;i7yGof3S$=>)qU61=htP_-Xi
zb6%`b3=fre@~W4BaX{JrDOw^*7!~LNR+Tjik<2X^IU_aY!uWG1*HWSjssM#SN&b1$
zfB-xk5c3QEJQfkhfSDcHrbfhaxxPyk2+u`jyb;PTkej3mBLopjg>dipXBx!)w`%_b
D4eZW{

literal 4045
zcmY+GXD}R$x5o8ec6AXEb=9?^#}d6utlp!9AVP@fEXxw2_g<nUI&YNdHF^ob>LrM>
z(OG@3cjn&vzxTtLGxI!i&bQ|`4+KFyh=+?0K~TpLk@APDhhr#liE;B0)WHM@>VSLM
z2ZA81{*OhJk08vym$LD2aqd^je;i!MLn5;O{y>3C1fe1z!9d+EC>)(5@bE}*f)Rv{
zhPL}DN(n>}TzvJ#o#)E_-l?~z({yD5VKjo=)HU^+G(VQfx5iZylmN=2$wo50{O6IB
zlH&~>zc#V6W!lV=ygV()Z=MS*9O1pgVQ+-Nk9WEx6J(?X{(cwLC1l9$u45m1P`?xH
z>tdI>(JbgB_$5C+2w90_l5O9qDdTY6lia_Eu(feS1sc6W5INFziS<3mQt_d3P`X(w
z8VC-q6yRV<FEVB<m6UJ-T^?41lt`vyU299T{uv|-)X&|(`K$IBS^UV3#jRH-Uo>VS
zIe@c{Y3F#@&AIY7I^b;&w$Y}jfaY@bcJ>)l1&M`zBzyrON@Xv<b!764AUps)+dI`~
zlJdQfP;~mZW|m-&)D~J3)G}kjWH74umB*1Km~)uKw*@0%%f(1*Y}_v}Zg>^|^uPm1
z^cUk7+a&P%mw$Y}e=hKh%}3s2HEuF(;eEo*3vysy<|(_LhqdM(eN4{l^=_IQZqdH{
zehJxw9HTAU=v(tIC9n5h*`)GCW7UWmY)ECes(a|&UZALoA8UyYoYFTQ>(t$jz9j<G
zQl3<fVrQ~VFy1GV<iJR|++z|-G`}oULsEs(t?`k}3w~lzy<)G3Wnn_*1OOwPQst#L
zS?BT-)9T`hcA>KK$<DYCj@CX|A`|7)I<1TGNM2IXrb`nX#vr*rnWtJA&#zx{Qe>Dt
z#DqbcO|uy%Spg;4hcQ_B?dYBp02AvLaY?<9mwki~iDByt*&2Aez+Pbs7Xg#wu97Q$
zLLhLg8HC%HV<g7}dR+Dmyv<?$QmfSdNSjWiGckxC*W@pmb#yOYszBuz3xMFE*k<Ey
z6jkKcYmI~STl5h!1wwh|I^dRo$fLToga&HAQ-iH36yO1Vil#k9z8`UfXwWMvJd~qJ
zp>2Q6m*-HWp0)&d_@;|*gtMMR(pJZu<9*CuV*DGs$ff1CFpW;HB?G1=yO9yA44}rG
z$qBZJL$^S9mmyxcsx>~)cHA(IAP$f_m=vInUjqJ?3O8xW`)hXAi(Sun#%&$cM_CrM
z8fPsd7$IdafqJ=zh3ff*PXhC*t9H0+fG;Lp-jKX_G8qwftpx9W#<otw#u*s@b&Z>v
zP;ustnDsI_zHNfi$JZh@=+$Yef1N8Py>ws_KsF_x-v#Zst;;+V>z2`BZ#=1t4;J9X
zwhp~klLD2l3V!wDO)<h3@U$4|iywmHXGt3!6FxdBl;xP?e5`H8Rl}9%va%!tRSxEp
zG|?a4QHQUmm{P0++ziZi2ezWw_ojS2icmtTjZHj2%K07#d#G`le<d&D;cb|EuP1Ej
zO0|*l(S?$R1LNDxBl=M{SM8Z@!x1a6(Ae+=ce;`%o2Co_wG#x~o7!8`5mkKyZuFiJ
zce(`?t8m*{dW-zY+6q{<K57Uo@l4+_mn=P<YpsMBLx$PRs|jXQg9sO2>sZ*dS#bAZ
z2x{zyK<%hknC$d&$(pCG#qk%fxV#Kv^DL&lYcCKh<jl4!8+}DGq5f>D+pyWL@CAgS
z@>i1rmtU_lZc1@7<$wryt@tHdFcBhaQfmMr>h@FE@Hob~tG*J?eU0kLt4~nx9N2nh
z3~|taYwN|MLcVe@z38g-C~kcgLCppnwW*zJPo~DFN`=Wc4Mi7Pv`=GD2n)%%NbO8T
zc-N2B1V-=y<PyHhI0&-2mX<}%TM`cZ5FnYej<h}q7H9OXX1^1lUeR)}Z{^LHl7_Tv
zR^`lYn=5pmT02B*yk`n~SgyuhrEFjqhR@KEip4m(cvUXAE&A|6JL!m_ru=XV%J>7G
zF>GN(8t5vdD%x(*Xg+F3d^fODx1i{lC<^t%&Jcni?fO4p&PR~e5g<sb?&Y%kDIp^N
zA54?s;@z9B_oDOvqc{G)^bSvRAnMJL75|ss_vh*cni{(=1|&dYO)r7x7f@wsvouoi
zh~VW=d)%WsZQPg#Qe3B6X|mJr*TR+xW&2C3cgsHh@IosZS1ZyIc*J&Cc|8@AX}rAJ
zRDYBxUvfO_x<wIa@z@zJmNt~x_4V7J?cNSQbs3ipaA(@@*?dM(?&&*U$$-4oF6k_V
z&a)IBLrl*qUT9OpW|XGDjFICLWJy?3srSgCf0Jc{6a#e3PV#BU0$Zv-*zd5wW%)#r
zl!;@zFO6^(BVFF}L`~Vt7fk-i-+5N4XVazuS=}U%s%>&RdngPsFi09bZX>&+_1h9#
zR!ogk0(2YOj<b@A-{*&`F!Y9%*z9U52smlmC-bgv(QJGz;7MQuVLGnYFXKGdD!Tri
zkXWBVm=9r&w1wD?@nmD83Oi?iE@6|IxAgL#2A4DV7f;{;+xl==W&uz-%0GMBIW_*$
z5E<i?Zd{UV6{6~V-aJ{jo8@Qn=n_q*0~bnF+b%X#VM<K$=X0%@Q~r2Ctn20};OlsD
z<$dvtT}6*ecs-NfWyNHTMJ3A7IK^~?5Qsle?>juWDOLJBk@<k42-EU`hp)R11Vb*n
zY~nUK<X42C1vywS!~P<NDKZ=7&)1_xT5=?Msuwzm;m@z|R=#h98Rg+pKTI0ileE_{
z1(A|3;h7!R1UdT!W-@uu?4_@?(YP9Ij0W|O%r27jR$jPOdK&Cm?Ge>TJ&ecebkE)F
zZ}K;i)~?&E4ty6tQ{?VmY-ft|Nuf4S5SD1GI;M_SKTIt-w;TdoI*V|(Zt=aC{C=>u
z+3C6P5|M1{T}4+Q77{!%-_-`zp3%!vB`!zY?SxfMd@|YxUOVaiHPi*ZrBA9Ezl>zO
z%*~-@-ISH$m2amyiDKWX@t@f-(F`vcnr%#p6nX{8F!*Se3f3uxp0NcLc^Ei{eK-tC
z8V9e;^xU>j&0Ry0N4scQ7G#^s%%wU|mh6gx<V;D50=qOXVwC8YSgR{8mZ!Yy38m_?
zkbPtI2|tcD>8?phg?D93dA%pip_68Pjr5OIxkJK-NK$vy_h`G;c*-1+#9b!L$VZ58
zJ<T7z*y72}DU9PWoFVH+mztlp<0;3M`5`;iagaOcW%o0FG~eNXy>0-^`yEMw38lm0
zSfO_o)cR*j{K{6W!}kEe+qJNoyl@7zXiFShZ_z))p#t==y2HtHxG@t}W0UP?wH-4k
z$~cyQ{Rh*E24%VK-k%w5UCnLbZqJjdck-UX!i+gJS#4tkL+ZVq%(IR}wJX+vrzC<D
z;G<9tD*1VEl`)km?WsEGcnYsG%koU2v<cdV=1eF+bH`@Y^oqP2T{YwqEGgywTyHv!
zpCj>I_6wKRxL44-r@NRcQ0#dgc})%#^Vke6G;CabXnsw)sMxklaYz}Pjr`lfMws$b
zgL9*P(``H16~N)g<1oj-gR~3Ac{%?RISpTQacS26R4b#yn!nLg<s?7Ae{DpSUv;Ej
zeL(QlxU76i2{Doskom!_t9ALW?wWxIr<>5#PW=(>uDK@jIK)M`oD1f&?d(2d)o=7B
z3s$rG=7;Fm{Nr_?*Tz(b5+Ruw$?T{Y@s`2aH$KyGQMtw<{lJsCU<cS5B@(C5^IQI0
z&%AXndi0iKBaC0-pTzKAg2N#|ahS{v*T6C^OBVN9MyH?^rr8B{L2uwSN*a+wznE!!
zX3=cBpAHUyInZroMG{bt%P%EC9*<Oo?+gy=66r-Kd}#xk9CxFtR}l5p;ZYS6zl^Cx
zR&r|vThipBaF7TJrgKBCTP{>*A}4=KCiFN`PmbrhU3b7#B}d~2z0=aD*b9o77&PIE
zf$9(-^LvxtSI$4gmo{MX87=L6(JIdkeFjPmaHEO%HyqqAb<2#+I-DLRleGpHJ-uyP
zyzF;|Ai!_X?Lr1>+%o<f-t5)ZMYNR({O~1knySPno6b5Gqpu^&fu2`uYI@(R{|0}}
z^{$&1?MsWw1&zd~`7=@<8qJh=mtUQ4u0Xw_D>^z-GoDae=0B>1CGrwc{h`geLy=(|
zupWgO1ZwL(q?2N%1v};z0@24>p9c%`0Kf)Xo6qvic9+?1k|$*RfrWT>x*_zTgE>6Y
z%EqXlZE?LDJQ7u(!v^e6*T0q!bfY@Bz?Od5AB?|E^h-2smQ!u*><=BrXx28)tqXNb
z);1hJ$Cfa2!8D>}fcqe8BWr~fKwv!6KjcJrE>Y@fvh(zNTtZkla9$?=FuiUel=;wA
zXJsJzP=X-xqqQQQKd4GoL#9HH{dXI11sfm~QW?$=gSOi5en)P(xu7V|GmqC#RedmZ
zcRF?8QMQj7ew;Z#0Ggcqun#QVUW;f4qN;fi5|{Q$_|#u{mkdx$CwuGbmAO|I$V7sJ
zURu@~BS_GuH_saCk1#8%LI&T|NL0DRlA@f`=5@p{u>`;3_XpX?&!)M=N)k#;>jIEg
zVMOwVV?Vy(cKNZmepxZTYW(L%1?=N@>H@Z&w_leNlRM_K9jpdU=~5V%bftR&cPpBO
zan5@p2<7IHaW0Avl~xa)x%9{>dphO6U2H=y0FGvbsl_$~H-LN1XXNOK(MM7#twYi$
z7*%2462thohyWYQ*#_-Eb>>WjX8Ofo7d7+qAr#Gi&8jK!m?(!*Keyks-oWKN?Rm(J
z$<3Kc`}syFSdY>$d<{LgAlCP4ks|W1;>qx;&!@A9%b#nZW4~_%+7v3_`GFtJVg3w$
zLfUQsMF!k+@I+m)gXQnO#u3ngOr&&TwJ^+H>YsJH>w`Hi$F5mo^?24!=!t0wCu)?=
zul`-+3el@8#tPV~FZ{~*sQ+aV%otH>W{!8-koie?42KiARF?IC{HZ-!rAQ$ITY$f<
zm#AmvKKBUs!=+yiUlDcmBW%%#MDH)Mu9LH{-`lMAQt?b~r`daQ%I8R~f}ZCjrnA^U
z+~l5InVG`}yD$<rmBX@~oNOO}XEYjh`B0z7g3Roc7o0p$HgcbwEI^MOiJ0mv9e3ua
zDhHAV&}YdeuN+pivHKQT<hD@nf36u!%R<r;;nO$v1=HYFc+>K0s?bRM>DA`pmf6a1
zDtB%MYfs#YocWAYZ4hzi6P87*A4SWBqx39s{Jf(R&x?C?l?3$`y;&C;Pn^vintg5I
zUYN!wh~Ze*SL`C(5YGQ?XQcEZ3<Pw}ywA!?u{Sh1$J(8L^nl_0iMGrT5ePekl!#D(
t3LozQAr1lE6W#UKOCTt@KigwXn?pk{oIb1jmX=R;Di4g%#Q(RY{TIa_xdi|K

diff --git a/src/BenchmarksApps/TLS/Nginx/Dockerfile b/src/BenchmarksApps/TLS/Nginx/Dockerfile
index 9be5be5b5..c9a17a830 100644
--- a/src/BenchmarksApps/TLS/Nginx/Dockerfile
+++ b/src/BenchmarksApps/TLS/Nginx/Dockerfile
@@ -1,11 +1,5 @@
 FROM nginx:latest
 
-# Define the ARG variable
-ARG SSL_LOGGING_ENABLED=false
-
-# Set the ENV variable based on the ARG variable
-ENV SSL_LOGGING_ENABLED=${SSL_LOGGING_ENABLED}
-
 # Copy configuration and SSL certificates
 COPY config/nginx.conf /etc/nginx/nginx.conf
 COPY config/cert.pem /etc/nginx/certs/cert.pem
diff --git a/src/BenchmarksApps/TLS/Nginx/config/cert-openssl.pem b/src/BenchmarksApps/TLS/Nginx/config/cert-openssl.pem
deleted file mode 100644
index 53420fb0c..000000000
--- a/src/BenchmarksApps/TLS/Nginx/config/cert-openssl.pem
+++ /dev/null
@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIID4zCCAsugAwIBAgIUXZ/RatnLCGSyEQYJj/ctBqp2uwYwDQYJKoZIhvcNAQEL
-BQAwgYAxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdSZWRtb25kMRAwDgYDVQQHDAdS
-ZWRtb25kMQswCQYDVQQKDAJNUzELMAkGA1UECwwCTVMxCzAJBgNVBAMMAk1TMSYw
-JAYJKoZIhvcNAQkBFhdtaWNyb3NvZnRAbWljcm9zb2Z0LmNvbTAeFw0yNTAzMzEx
-MjIwMjNaFw0yNjAzMzExMjIwMjNaMIGAMQswCQYDVQQGEwJVUzEQMA4GA1UECAwH
-UmVkbW9uZDEQMA4GA1UEBwwHUmVkbW9uZDELMAkGA1UECgwCTVMxCzAJBgNVBAsM
-Ak1TMQswCQYDVQQDDAJNUzEmMCQGCSqGSIb3DQEJARYXbWljcm9zb2Z0QG1pY3Jv
-c29mdC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeEyMK3LRh
-Y1cvCx+UkFmrnjGTlEoBTX5QEB+nYC//ZGi1dxftWPzrE6uEo8YQZXGaQw1Nhoxc
-KL7MWDfTY1J+0XJrrCzdrjEjHrZqYxDmIipjskPy/T659/3tRw4vCyaursBZu+i0
-djylq+EduKzU+P9VBaexpqpt0Wy5eDebTEWj+2+HAJab4iRY/NwhCq5/M+ULZvPr
-aE0jZDknkv7FOmLRB1Hr5UIMqH4+AnldV7Y0eEysY08Bd7eulYI0qSpphekpMdQ/
-6FPP1Qxop8+nrjd9Dq3GhsdueFOLRD3rh6ahfZ40fScJtM21iI9xRk2N93nyEnDB
-RvvfmhemeprTAgMBAAGjUzBRMB0GA1UdDgQWBBT/SqxDOGjMBxQIDeOGZqUDPmmr
-XTAfBgNVHSMEGDAWgBT/SqxDOGjMBxQIDeOGZqUDPmmrXTAPBgNVHRMBAf8EBTAD
-AQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBPbCDT2dGIPO/0Cns1KtwECbd8FVYFhL2F
-4j9JW/BUTb4eEFX2U4HAmR+6+52em/S92q5aI7D2NiQIKPBpZQT66QW9QkB8iQM5
-Gq2UVcONVDYSaqGtuPzc9LijeMcJUB+YpArGoBypZfylvf9ksPEfYstR6Nx/3Pmt
-xSJfpsss6ddH7WStaRgH5yhZYZYy0coduzX5rZOkoq1C8aImlhjZHmycNCFi28Sx
-bIwu+MmK1pR6Wuj7DskHAXFPHAJx/WhX87XQBO8aUL1UCvsbRKL7LfnQxKur1NNo
-JpHk99O9VVpDW/P1ZE7IdPLFKlE2qyskr94hWGElpiFuCkC+lkOM
------END CERTIFICATE-----
diff --git a/src/BenchmarksApps/TLS/Nginx/config/cert.pem b/src/BenchmarksApps/TLS/Nginx/config/cert.pem
index 19fb060b4..cfd3b7981 100644
--- a/src/BenchmarksApps/TLS/Nginx/config/cert.pem
+++ b/src/BenchmarksApps/TLS/Nginx/config/cert.pem
@@ -1,35 +1,22 @@
-Bag Attributes
-    localKeyID: 6A 28 3F AA A7 FF FC 12 9D F2 4C C0 E7 52 11 86 C7 92 62 19 
-subject=CN = localhost
-
-issuer=CN = localhost
-
 -----BEGIN CERTIFICATE-----
-MIIFCzCCAvOgAwIBAgIUAi7DqcEn4EsBm1lN4UcmmuxWPq0wDQYJKoZIhvcNAQEL
-BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MCAXDTIxMDIyNjE4MzI0OVoYDzIxMjEw
-MjAyMTgzMjQ5WjAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwggIiMA0GCSqGSIb3DQEB
-AQUAA4ICDwAwggIKAoICAQDI5+DbDLpVmRFFB9YR1NwAbdPzf7cV8RB32pNVHzLj
-iJ9LNSq8yvI/k6xD3p8XHVJEC3TGMuOVK4Cn277nX9KSU/7lELMlz+yGikwli3aI
-u4A7NE84ACfR6ZFelAGcGr2nMze6K2YDwhhqG8SUBIhAjzjIXSf2+cv0Cq38cEX1
-WKy1h5xJm7FwuKlZsHmJw5Osk+8mFgHJ5TmKqJYtVd7b/ytAmeM2ByZ4eVCZ31rR
-ELKZ2uEWoCImLCtCfohxEnhrLm09yB7JrbbT/3JXHXyQUn3kGMczgwL/IZZwqtAf
-E4SiHVLI3cFwO3VJjpRfAbg3xFbxwzhmdlri3WsKT3iEp3P08WPi6dL7WF+PjpMl
-d9RZ587NBSqCmVfgBjY05wEcONSPyPY1gi5ZBDBm6J23feAOgZ8AZu/RKdAVgYBu
-Kr6o6ZKqsJ+U+M5cwrXw/Rv78YQyr9ZlfKALbybMKMrYuc9DqbPGBbryLxklh9kN
-wMJvt8FHEcmlbT5BsZJmm7JztPouN7mxMy1ZVJlGreyPD0mxET+O4DCz7UsA2CvB
-pKzLcRRHKKNbCwaeV/1UJKiyg4QWDGltlIKkIEhppv2vspl0Gh7xpZISJuWtmWiJ
-o03zSr7NUNvXRY3pmNQXad7PHanVyTCopCCpTiAQljDTTb803NGyKBHx3cz17HU9
-xQIDAQABo1MwUTAdBgNVHQ4EFgQUGyQOi+8yPBZziF7ruCfQB4ooTMUwHwYDVR0j
-BBgwFoAUGyQOi+8yPBZziF7ruCfQB4ooTMUwDwYDVR0TAQH/BAUwAwEB/zANBgkq
-hkiG9w0BAQsFAAOCAgEAHf+FN6rHdZJPdmUO1skpS9iVgXrKWGwo20Qrd3MttKfk
-xzFpOZLBEyn/qWmZe1YQqdcm4Yd7OjnKRb62zwE8gyTJlaA30qXGoJZrouWEAsWZ
-2//2h/Ju6XNy47p5F2UKAKqqGcSaDy9HEQF0wNwRz45LKYlJE7v7eDqo2TOampoH
-UXNRF9lKI4o+CKkSRquoqGXfw6GJmnxrozTzWl00igSXrX3+HkiKHNOgzaOoS+pP
-nFl/HI/jOFYh8AG/18U5iFBSTjXiyXmFvkb4309c188fJd1UMOVY1tbcfFWSftnL
-Ybk8UmGagtI9S8ExuQvk34TGDwj0vdKGiTBdL/qQ1vzxqLo2U7fHRcktSo27Ogtp
-JCzfyXKb41Cu4VOmzllTlhbg/p68rEeYcVIeZl86Yh3bFZNVpvHW9vzn8iLIXpGf
-nyt/XXG0cgkTPeWZ+zTPHLx/9YZBXViUuXobXLeUhueCaWGHYPkzKcV1c1B9oJjc
-/3JWbJVERFxMGgJpQUrTMerUCmY3C2lfPBm48ZmPCjmUUdWsh5vu2pVe+3hBIFeb
-Y/kkOuRqAmiW+EmjFNQNdcxsDstd1AeipapPSH0TLWTqvAs8MndoNmfHyOFomV38
-Els5LL5Pomm27oVq6JM1geF1jKShAnO/w/dlRXcB0PFJIlpWKpw7OE5qqPpoiZY=
+MIIDrTCCApWgAwIBAgIUHKdletylaQOCsLr2hYlAx7CtYNUwDQYJKoZIhvcNAQEL
+BQAwfzELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcM
+DVNhbiBGcmFuY2lzY28xFTATBgNVBAoMDEV4YW1wbGUgQ29ycDEWMBQGA1UECwwN
+SVQgRGVwYXJ0bWVudDEUMBIGA1UEAwwLZXhhbXBsZS5jb20wHhcNMjUwNDAxMTE1
+MTU1WhcNMjYwNDAxMTE1MTU1WjB/MQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2Fs
+aWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzEVMBMGA1UECgwMRXhhbXBs
+ZSBDb3JwMRYwFAYDVQQLDA1JVCBEZXBhcnRtZW50MRQwEgYDVQQDDAtleGFtcGxl
+LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALtHEw2SKpAIBN/M
+zYNHdeUBr/+rl70+NULPOCNtHLBWxgb5qkhUi+weU3Szyju6ahYWeWLSmll9pEA8
+dyrR0D6OHo39o6RqH4KNHBMyIM3b1zvYdQCoXWFIBaLMzgS4I6YorMmiaIdd/rjT
+4IerkewQUidRUKD517dogWNwE8rP75joEGBPkTdA1g5EvqdrZFMEqfjvISr8VPns
+05BVBjOLpFmipKh+kgDvvnqENJKKUN3U34LobYuq+eJHgQljvE5NCF7lq3GtaGsB
+pVu1BnMmxA9mlxeEXbV7XcDbU4uYu03RG1b0zTNPf35YFTCj7ENe+xSwzpOEX7os
+zuBco+kCAwEAAaMhMB8wHQYDVR0OBBYEFOI/5fWJQJ7i4FDRi6LcINvIbjQ+MA0G
+CSqGSIb3DQEBCwUAA4IBAQA0MIxYSs3VI8DGQE/FLkNyDjVGK01LRliyTL6EEiAm
+I9PiCq5WYH+29u8wJV6YeveQ00EUx0IbHOo1Ojki0oDByNjnEU2JKEr+FeSi320Q
+GT9kn/tQuTTHZMIlqFOO+01f15ApaEyfOhDS1qC1zZWyjXSNC7/bVT1wVlH+hBGl
+n/VnaarlE4IQjH7XlVplYNwN6Cpl4796ns5q9nfQIFyePxJmUptvsaLWkICcF8fL
+oZfbxFLc8l/xT/vFpzHga096Ruhvqqolj7oGY2eFxAf/oUZqWPIa4zCP3WUaWPeU
+sBIETpjNwtjcrScm6D+DQO4B5eixCtrK51ye5/2t0Jb7
 -----END CERTIFICATE-----
diff --git a/src/BenchmarksApps/TLS/Nginx/config/key-openssl.pem b/src/BenchmarksApps/TLS/Nginx/config/key-openssl.pem
deleted file mode 100644
index 3d9a00bda..000000000
--- a/src/BenchmarksApps/TLS/Nginx/config/key-openssl.pem
+++ /dev/null
@@ -1,28 +0,0 @@
------BEGIN PRIVATE KEY-----
-MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCeEyMK3LRhY1cv
-Cx+UkFmrnjGTlEoBTX5QEB+nYC//ZGi1dxftWPzrE6uEo8YQZXGaQw1NhoxcKL7M
-WDfTY1J+0XJrrCzdrjEjHrZqYxDmIipjskPy/T659/3tRw4vCyaursBZu+i0djyl
-q+EduKzU+P9VBaexpqpt0Wy5eDebTEWj+2+HAJab4iRY/NwhCq5/M+ULZvPraE0j
-ZDknkv7FOmLRB1Hr5UIMqH4+AnldV7Y0eEysY08Bd7eulYI0qSpphekpMdQ/6FPP
-1Qxop8+nrjd9Dq3GhsdueFOLRD3rh6ahfZ40fScJtM21iI9xRk2N93nyEnDBRvvf
-mhemeprTAgMBAAECggEAHNcW/KNZ0a7jODUKVPulMJeTKf7TJbuywP7AF7SH7Uuv
-gvQwjGBA/M7A61lKCLHJcUCsi6lxsFrKvNOXk9y6L2MdQiHOqb9fPa4bz/s1GRfA
-riHXHd0wdZOWY5UkNFcPfq1pcLXE9i/gTsW2M8r+1Xh8dVGrz9C9pX2hHZGea5nM
-YRybhdpsqF0ul2jRy/KL6MRtyBJ0tQK7xhxUBpj4bbEFlU2DwSVkjxNcXHsF+/S8
-fIsLNwX4XZyjw8FDITe8OeVSQSV2E5LbXAz1MMFWqdWRNhfOHeQB+HuvpT83P316
-XUgOt1m3fLE/bbr+7uV1ixunJleskNMaQfmiskAQkQKBgQDRI8Nb+sStQRoPNsZW
-iuXH9Y/OopPv2zlKRBsktG/uixZAtIYbTxnqqLatARht3kBk7SiRWvnGHDdPi5xM
-8HdsNr8naadphzn6WD1DdFTxyJmCn/zYMh6jUTeQGQ1zitOpZajXhcJYqeD/bvxM
-mPd/Vm6aUpdkpwIaPHmfz3hcSQKBgQDBfkrcXT12ql29YfEgnyaCZWhtaMFFi+yf
-jedXDto0VOpc8HDVWpddNDOvzIDTcgP5iMApPFy5JCz1WU/FeWazsaQBTfzkQ/nt
-q2YAXqf2ckqdtITHxtih6MNMPIVE6e0M00xZ7qEjk9wGTl/4jevA0tFMV+OjKUjc
-paJTvramOwKBgElQXiWaTOPnVHlM3E5uNorYPGdVesK0eOrd4R4G2s4ml9Bq+DAO
-lKk8J32SSrwJE03ODVCXMcQPFBygdlRKX7LhpjTsxrEppFtsH13MJBL2HUo7R2mK
-eE8MI4wyHBMK8ZQKfRvAWha2xpcEkxFO9kP/SppypXu1R/lmhcRN+IVxAoGANChZ
-AaHYqZ4u+pfmKcb82HWBesycHKUlObVEwQDt7OFe84KUx85NswAZVrAnodfAHomw
-Uu1EiVupCtHyYObiulmOPhPJsbZpLpnfOwZI/HO+jVhV2oxNZQebbXd67SKplaV3
-lV5v7Wk0DDcgQ53uCOJLLOscH6VHUMMNSMnF7nUCgYA/8L38d5OcuEAOVno4E0C8
-r1USD1d+ZT5mJtbROpVXleIj/aoDdKKfLI0abBS47m7QEau8oKqAg1+5T4c8neR8
-FIcWQTg50rqO8dx7I05gQU5KamdFK3jpM4MBzrH0UK7PUeZ0L72okCYdhLMK3b20
-bvbOPOA68ZvvEDn9VA9Pkw==
------END PRIVATE KEY-----
diff --git a/src/BenchmarksApps/TLS/Nginx/config/key.pem b/src/BenchmarksApps/TLS/Nginx/config/key.pem
index a1b7ce67f..d5870a3ce 100644
--- a/src/BenchmarksApps/TLS/Nginx/config/key.pem
+++ b/src/BenchmarksApps/TLS/Nginx/config/key.pem
@@ -1,55 +1,28 @@
-Bag Attributes
-    localKeyID: 6A 28 3F AA A7 FF FC 12 9D F2 4C C0 E7 52 11 86 C7 92 62 19 
-Key Attributes: <No Attributes>
 -----BEGIN PRIVATE KEY-----
-MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQDI5+DbDLpVmRFF
-B9YR1NwAbdPzf7cV8RB32pNVHzLjiJ9LNSq8yvI/k6xD3p8XHVJEC3TGMuOVK4Cn
-277nX9KSU/7lELMlz+yGikwli3aIu4A7NE84ACfR6ZFelAGcGr2nMze6K2YDwhhq
-G8SUBIhAjzjIXSf2+cv0Cq38cEX1WKy1h5xJm7FwuKlZsHmJw5Osk+8mFgHJ5TmK
-qJYtVd7b/ytAmeM2ByZ4eVCZ31rRELKZ2uEWoCImLCtCfohxEnhrLm09yB7JrbbT
-/3JXHXyQUn3kGMczgwL/IZZwqtAfE4SiHVLI3cFwO3VJjpRfAbg3xFbxwzhmdlri
-3WsKT3iEp3P08WPi6dL7WF+PjpMld9RZ587NBSqCmVfgBjY05wEcONSPyPY1gi5Z
-BDBm6J23feAOgZ8AZu/RKdAVgYBuKr6o6ZKqsJ+U+M5cwrXw/Rv78YQyr9ZlfKAL
-bybMKMrYuc9DqbPGBbryLxklh9kNwMJvt8FHEcmlbT5BsZJmm7JztPouN7mxMy1Z
-VJlGreyPD0mxET+O4DCz7UsA2CvBpKzLcRRHKKNbCwaeV/1UJKiyg4QWDGltlIKk
-IEhppv2vspl0Gh7xpZISJuWtmWiJo03zSr7NUNvXRY3pmNQXad7PHanVyTCopCCp
-TiAQljDTTb803NGyKBHx3cz17HU9xQIDAQABAoICADgpGaIiHLRw5XL2jdDOP/Ge
-wfD/cp6flIrsfuL8pa0VM/JCGoBL+wvqq+0M/kvn1mdPDIWbFCNO1dgWhXcIQkTF
-ViuST4HybZvubPrR0YDHaUEjjkGJSZhUQl694PVSRFHI73sLRqkmSMzglkMKQUxK
-vQTFhbZ0fZ7qnVhDykqbTywvjHDHJQLtm+mGe3MXSOClOeTbogReH4ezOMfTiUjW
-O7EDU5B2zzo+L1nUJf7rPAHmPaWlfeZN0onz9RAmqaLMh50NpA2ckc8RSVUw2PE/
-HhH1Gzo7FUtciEFWfncxbZIjwFCGLNzCwjadtLwaLvTn3aYXfFyoGR/x5UosjPOI
-wErw3qp2phIGhXQtw2n0vNJEVqQVOvUGE/enUdXhzbaLZIvwdLCjqz1sgt1/qyrj
-Gw6FLtSj9r1dcxy6IwawzSWHhMp6WC1QxPJrw6ho34Tp3ATEPi0vDOY6CKbt6sjb
-t7M6yqgb+XRp2An3ynsthCRfkRrfnYB5TMLzP2t03LpKtOM3/dikWPhKvc5xCw4l
-fKVQxEm7uC7IpLdMK7RNU+eE2V2zicEiHMy356VLewsxDSG5apV2LKKs6y4iYowZ
-3SJ0/uCbXiqXusdYXfhTAm5FaJPAqYXFq7ItvI0/tPzgYSV/6M/TD//KTptXtNJZ
-38lvcYZIkEvQPZY4QCLBAoIBAQD5PduTz6zZK9QA0aAYMuoHoyOh1nDQWTFkp9g5
-3mPKHAvgiNAH38a9lqSTyGYC/EVjWjw3jM47P7l6c8uxdwRwqDVDlHJrzbdh3p6J
-014oQ2MTmSpqqUW/6MpQgtnC6aqySKzJCiYF9dbqHmOE9DjOi0AfQ2W+U2afvVCp
-FgSFgV+zTE/bxnXkaY8er1lwUNkUPQWr4+z3Zh9q2SSnTar2yYsnmVQn+TWsKA2o
-oNPY0hDaXCX1zAE41Lj7Lf/gJb+Au3w/w/iQRg0oef66EU0XeyGOHahj6vgFxoEk
-e5WB6gL9sxsZ7xrqUHnov3TA8S1ZzkWYjbjpCjv+Mv+kflP7AoIBAQDOWn28sKvR
-X0NWVP8Rb1PrESRe4wCYjE+gU/Jmey6Ez0KF+Zep05EVI6axPZtbHPA6MCrS8IWG
-+S9Tdk4ZX+1czQdewAlUNbL79qElknkrCZeeLz5fhIYtCTwaobKV7O9V/qq90EOR
-TJdPiZKdU3Z7ui2IGAFJuxthxsBK2zMTK7laOoenSC765kSuVq6nc+zAGNDFI9Bp
-/ocVSdcJQHUgsYxn3/jb5KirliQuvcxFIFHloU2tXCdC1SUkdl+/5ym0iGNdlCGh
-uQsr9MBEjHBnOsQ2YqMenSm2etVuGmwMJSN4TkpuqjFx0prLWkT+1RVQeUXNnVNu
-j5YeEpr6hEk/AoIBAQDHf1zHRj57IhqygRfc5rvuWwWFX6izDAF+KN7pCvni52oW
-Ukv5UYO5ct/OrmQA1b4QlUSHzjuwrwQeYJtVNAeoyOrBagvgACxduRw7A6VlIvMl
-175c25rJzmJJ6UK2QeRwib1LucTPloRspuBPpk/l+w3bOE4y9ny5NYZfoREDb5eT
-Y2y0ZHku19NH42D6hqwLCAEHIgwlxmc1VhOBmqhSmuW4T4FN8aqlXvX32KtY7GOy
-9Hkp8h20SIi7/IjH+E79kpQUUh8eFAQqNuPOOVT0i4lDQLftKkFWFhp+gjEcaJv2
-R6tUqc9oZ/v8cWrZmPIM5Q9N2Xp9hcSZZma7WqaLAoIBAEk0zTqtqqbilu7/xGWZ
-CzpvoGmROtrjnDQS1AILXVt8c+s3uthi2CuZtD9Yzc6rG4ZpJCglcBmMOX/wjpBt
-+bVcf2rb0fNwAYll25GKvzXHd2SE+inEyB0eE5aXGtYZcmcdq9EfG3lmpJ9w/PSX
-cYc/a3vGmF5h5LrxWbK0xQ/eCSm7bfiooRIdsuvukJOTisAzjY0CwaN4ys+AnKsJ
-lQP+OQN4776DBlupLjju2JMFfkhqyzXfZYZOO5kN7bYU+jSz1hySusO29AGqGLO4
-5v+YV5e7sobf1raIKUOgWAiO/GBn1fwgoN3yizvtUGDfk2ozO9JQKBMnGWidzSFm
-4N0CggEBALLPDQCol67RBsDxPzYDVn3g2nLGYqrr0UP9Qd/MoY+IsPv3VNbjo8qF
-JyskoycIRk7M+GAd5dgmboi3uZomoUIoy2nUFaMq6I6JfMfYKggy6yfYS/WK2XnV
-2yaSQEAlUCLf3GPk4OFkisqQuvnSg5GJlYlraG+w4kwNxKije5l6pqVf5op8/Qu7
-tBQfPd4pDLBq2NRJUqMTper4H3o6N66i0cUv4yzhi832RET38ieCDSJyC9ivtDfD
-HA3f3s5KQMBz3DE5/PelAeO989UVZ4FR5azdSznaykbKbDO5b6GngjcCFGV/jdST
-lOZIsIthM9vRTfPNs6cuapFulsL0qWM=
+MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC7RxMNkiqQCATf
+zM2DR3XlAa//q5e9PjVCzzgjbRywVsYG+apIVIvsHlN0s8o7umoWFnli0ppZfaRA
+PHcq0dA+jh6N/aOkah+CjRwTMiDN29c72HUAqF1hSAWizM4EuCOmKKzJomiHXf64
+0+CHq5HsEFInUVCg+de3aIFjcBPKz++Y6BBgT5E3QNYORL6na2RTBKn47yEq/FT5
+7NOQVQYzi6RZoqSofpIA7756hDSSilDd1N+C6G2LqvniR4EJY7xOTQhe5atxrWhr
+AaVbtQZzJsQPZpcXhF21e13A21OLmLtN0RtW9M0zT39+WBUwo+xDXvsUsM6ThF+6
+LM7gXKPpAgMBAAECggEABxOKxcLVzDbGsF+AYyB/yj/DvbO8emXFBMQ9s8ul/4fC
+gyBLQzZmnxe6QY5K6vItRgO4DHg2utZDhDsvVDU0sC3AkSREsFa44BRNkPAeSzOu
+W1A02OnZCsRPlN+LkqQT5222sbEVpV/I2y+uVpIGDoHDXkGf+/p/ddUDZpV6j07h
+bsJCmXsNGWgy3PvF/WvLPS1PQ4ktVku2k9MdDoTVxOB1WipFw5mnO8Pe0v24gJuK
+QQLnQXUneRI53+2eU5iekdYp8RXxIsZIx37zysuUvKA5cfLCMztEcOgPor9/Zbph
+8SnUrMgSnbQGtEQA+jILtiUX3zAzfxnqdZIENIG+8QKBgQD2G2A6RJ3CzoFbh3dK
+C4ihGmHBR39w4eW9mpqzb9+a0bZzKdgPGML7dYeFz9Zr7WpJRKpsrvuOkm9m8h27
+T7rbVRNveKaJB35VwqEm+wFKg6z6ORWQmjYr0BObxF4wv41unmPN8BmliVVkQKQd
+B89xhZmpcYg1d8aC/+8jcxVHPQKBgQDCzk0Uio113qNDROJxsbiVtAOFvcL9kFhs
+EewRjc9dE6eujhO290ZoiEKz8V4zOpsz0mMJuS0/pM2wJNXWRzDN+UCmYboqpT0T
+O1cXRDMt8NLb6RxAn66lhj66s1oTVflYhHHm9Ytxf960EsvtmCHIJvYldy4/YP9H
+BPgM0wr6HQKBgHrcLczI5m0TBHb6CK45Vcr/TZ/cnp1u2G8wGFzN07YJTWjukcLv
+nJ9GDBLcL/IPQsky81VwgXqqVdzxr7AL3H+UWDCE7bZovEP59tNr6TgWxirghoh6
+w+JZbQCNJmx1pBh+D9sGKvd9uNhkgMlRVdkZVh3F5La0hbBuLibnU88NAoGAPAjh
+/lOYttuPCvseohU4IoKgl0Xc4tHqPhvj2aEPZ8rX4VaNwtQ/0ZU0oUngUv9bt0O+
+G9ACntuGPCON9wRniQKopt31RpE32kZuV5BACYdvJDCZ8VyEsSRHDriZKN5VAq+G
+frvrZmYW1v339NfuiUVglDk/em7FHTjtzN35Qw0CgYBqc1Dcz7vOs7sHQr2cslEI
+dGAwlV9F3D8bYgKt2cYtgbNIK6gfmZmJBbfVTtwataV9oV2o6cbeNK8SL7qScc3R
+Pbu3UNpFk7cBlHi9OVJwdpZaYG8ITkQGvwa8V6+EwgzOKcrHgBC9Efso20v32SyN
+9JJgBEYMrvx2awpN+af1iA==
 -----END PRIVATE KEY-----
diff --git a/src/BenchmarksApps/TLS/Nginx/start-nginx.sh b/src/BenchmarksApps/TLS/Nginx/start-nginx.sh
index 053cccaa7..c0b63c9c7 100644
--- a/src/BenchmarksApps/TLS/Nginx/start-nginx.sh
+++ b/src/BenchmarksApps/TLS/Nginx/start-nginx.sh
@@ -1,3 +1,3 @@
 #!/bin/bash
-echo "$(date) - Application started. Logging: $LOGGING"
+echo "$(date) - Application started."
 nginx -g "daemon off;" # start nginx
\ No newline at end of file

From 86ca436f1a99d442dfebd7f0e4d6459dfc1cbac6 Mon Sep 17 00:00:00 2001
From: Dmitrii Korolev <dmkorolev@microsoft.com>
Date: Tue, 1 Apr 2025 14:06:04 +0200
Subject: [PATCH 16/32] update cert for nginx + kestrel

---
 src/BenchmarksApps/TLS/Kestrel/testCert.pfx  | Bin 3699 -> 4045 bytes
 src/BenchmarksApps/TLS/Nginx/config/cert.pem |  53 ++++++++-----
 src/BenchmarksApps/TLS/Nginx/config/key.pem  |  79 +++++++++++++------
 3 files changed, 86 insertions(+), 46 deletions(-)

diff --git a/src/BenchmarksApps/TLS/Kestrel/testCert.pfx b/src/BenchmarksApps/TLS/Kestrel/testCert.pfx
index a0da01e6baae2b2a34dd2948e5a303feb53a90ee..e03e6d5395f04b195385b112eed4ec73b097d07d 100644
GIT binary patch
literal 4045
zcmY+GXD}R$x5o8ec6AXEb=9?^#}d6utlp!9AVP@fEXxw2_g<nUI&YNdHF^ob>LrM>
z(OG@3cjn&vzxTtLGxI!i&bQ|`4+KFyh=+?0K~TpLk@APDhhr#liE;B0)WHM@>VSLM
z2ZA81{*OhJk08vym$LD2aqd^je;i!MLn5;O{y>3C1fe1z!9d+EC>)(5@bE}*f)Rv{
zhPL}DN(n>}TzvJ#o#)E_-l?~z({yD5VKjo=)HU^+G(VQfx5iZylmN=2$wo50{O6IB
zlH&~>zc#V6W!lV=ygV()Z=MS*9O1pgVQ+-Nk9WEx6J(?X{(cwLC1l9$u45m1P`?xH
z>tdI>(JbgB_$5C+2w90_l5O9qDdTY6lia_Eu(feS1sc6W5INFziS<3mQt_d3P`X(w
z8VC-q6yRV<FEVB<m6UJ-T^?41lt`vyU299T{uv|-)X&|(`K$IBS^UV3#jRH-Uo>VS
zIe@c{Y3F#@&AIY7I^b;&w$Y}jfaY@bcJ>)l1&M`zBzyrON@Xv<b!764AUps)+dI`~
zlJdQfP;~mZW|m-&)D~J3)G}kjWH74umB*1Km~)uKw*@0%%f(1*Y}_v}Zg>^|^uPm1
z^cUk7+a&P%mw$Y}e=hKh%}3s2HEuF(;eEo*3vysy<|(_LhqdM(eN4{l^=_IQZqdH{
zehJxw9HTAU=v(tIC9n5h*`)GCW7UWmY)ECes(a|&UZALoA8UyYoYFTQ>(t$jz9j<G
zQl3<fVrQ~VFy1GV<iJR|++z|-G`}oULsEs(t?`k}3w~lzy<)G3Wnn_*1OOwPQst#L
zS?BT-)9T`hcA>KK$<DYCj@CX|A`|7)I<1TGNM2IXrb`nX#vr*rnWtJA&#zx{Qe>Dt
z#DqbcO|uy%Spg;4hcQ_B?dYBp02AvLaY?<9mwki~iDByt*&2Aez+Pbs7Xg#wu97Q$
zLLhLg8HC%HV<g7}dR+Dmyv<?$QmfSdNSjWiGckxC*W@pmb#yOYszBuz3xMFE*k<Ey
z6jkKcYmI~STl5h!1wwh|I^dRo$fLToga&HAQ-iH36yO1Vil#k9z8`UfXwWMvJd~qJ
zp>2Q6m*-HWp0)&d_@;|*gtMMR(pJZu<9*CuV*DGs$ff1CFpW;HB?G1=yO9yA44}rG
z$qBZJL$^S9mmyxcsx>~)cHA(IAP$f_m=vInUjqJ?3O8xW`)hXAi(Sun#%&$cM_CrM
z8fPsd7$IdafqJ=zh3ff*PXhC*t9H0+fG;Lp-jKX_G8qwftpx9W#<otw#u*s@b&Z>v
zP;ustnDsI_zHNfi$JZh@=+$Yef1N8Py>ws_KsF_x-v#Zst;;+V>z2`BZ#=1t4;J9X
zwhp~klLD2l3V!wDO)<h3@U$4|iywmHXGt3!6FxdBl;xP?e5`H8Rl}9%va%!tRSxEp
zG|?a4QHQUmm{P0++ziZi2ezWw_ojS2icmtTjZHj2%K07#d#G`le<d&D;cb|EuP1Ej
zO0|*l(S?$R1LNDxBl=M{SM8Z@!x1a6(Ae+=ce;`%o2Co_wG#x~o7!8`5mkKyZuFiJ
zce(`?t8m*{dW-zY+6q{<K57Uo@l4+_mn=P<YpsMBLx$PRs|jXQg9sO2>sZ*dS#bAZ
z2x{zyK<%hknC$d&$(pCG#qk%fxV#Kv^DL&lYcCKh<jl4!8+}DGq5f>D+pyWL@CAgS
z@>i1rmtU_lZc1@7<$wryt@tHdFcBhaQfmMr>h@FE@Hob~tG*J?eU0kLt4~nx9N2nh
z3~|taYwN|MLcVe@z38g-C~kcgLCppnwW*zJPo~DFN`=Wc4Mi7Pv`=GD2n)%%NbO8T
zc-N2B1V-=y<PyHhI0&-2mX<}%TM`cZ5FnYej<h}q7H9OXX1^1lUeR)}Z{^LHl7_Tv
zR^`lYn=5pmT02B*yk`n~SgyuhrEFjqhR@KEip4m(cvUXAE&A|6JL!m_ru=XV%J>7G
zF>GN(8t5vdD%x(*Xg+F3d^fODx1i{lC<^t%&Jcni?fO4p&PR~e5g<sb?&Y%kDIp^N
zA54?s;@z9B_oDOvqc{G)^bSvRAnMJL75|ss_vh*cni{(=1|&dYO)r7x7f@wsvouoi
zh~VW=d)%WsZQPg#Qe3B6X|mJr*TR+xW&2C3cgsHh@IosZS1ZyIc*J&Cc|8@AX}rAJ
zRDYBxUvfO_x<wIa@z@zJmNt~x_4V7J?cNSQbs3ipaA(@@*?dM(?&&*U$$-4oF6k_V
z&a)IBLrl*qUT9OpW|XGDjFICLWJy?3srSgCf0Jc{6a#e3PV#BU0$Zv-*zd5wW%)#r
zl!;@zFO6^(BVFF}L`~Vt7fk-i-+5N4XVazuS=}U%s%>&RdngPsFi09bZX>&+_1h9#
zR!ogk0(2YOj<b@A-{*&`F!Y9%*z9U52smlmC-bgv(QJGz;7MQuVLGnYFXKGdD!Tri
zkXWBVm=9r&w1wD?@nmD83Oi?iE@6|IxAgL#2A4DV7f;{;+xl==W&uz-%0GMBIW_*$
z5E<i?Zd{UV6{6~V-aJ{jo8@Qn=n_q*0~bnF+b%X#VM<K$=X0%@Q~r2Ctn20};OlsD
z<$dvtT}6*ecs-NfWyNHTMJ3A7IK^~?5Qsle?>juWDOLJBk@<k42-EU`hp)R11Vb*n
zY~nUK<X42C1vywS!~P<NDKZ=7&)1_xT5=?Msuwzm;m@z|R=#h98Rg+pKTI0ileE_{
z1(A|3;h7!R1UdT!W-@uu?4_@?(YP9Ij0W|O%r27jR$jPOdK&Cm?Ge>TJ&ecebkE)F
zZ}K;i)~?&E4ty6tQ{?VmY-ft|Nuf4S5SD1GI;M_SKTIt-w;TdoI*V|(Zt=aC{C=>u
z+3C6P5|M1{T}4+Q77{!%-_-`zp3%!vB`!zY?SxfMd@|YxUOVaiHPi*ZrBA9Ezl>zO
z%*~-@-ISH$m2amyiDKWX@t@f-(F`vcnr%#p6nX{8F!*Se3f3uxp0NcLc^Ei{eK-tC
z8V9e;^xU>j&0Ry0N4scQ7G#^s%%wU|mh6gx<V;D50=qOXVwC8YSgR{8mZ!Yy38m_?
zkbPtI2|tcD>8?phg?D93dA%pip_68Pjr5OIxkJK-NK$vy_h`G;c*-1+#9b!L$VZ58
zJ<T7z*y72}DU9PWoFVH+mztlp<0;3M`5`;iagaOcW%o0FG~eNXy>0-^`yEMw38lm0
zSfO_o)cR*j{K{6W!}kEe+qJNoyl@7zXiFShZ_z))p#t==y2HtHxG@t}W0UP?wH-4k
z$~cyQ{Rh*E24%VK-k%w5UCnLbZqJjdck-UX!i+gJS#4tkL+ZVq%(IR}wJX+vrzC<D
z;G<9tD*1VEl`)km?WsEGcnYsG%koU2v<cdV=1eF+bH`@Y^oqP2T{YwqEGgywTyHv!
zpCj>I_6wKRxL44-r@NRcQ0#dgc})%#^Vke6G;CabXnsw)sMxklaYz}Pjr`lfMws$b
zgL9*P(``H16~N)g<1oj-gR~3Ac{%?RISpTQacS26R4b#yn!nLg<s?7Ae{DpSUv;Ej
zeL(QlxU76i2{Doskom!_t9ALW?wWxIr<>5#PW=(>uDK@jIK)M`oD1f&?d(2d)o=7B
z3s$rG=7;Fm{Nr_?*Tz(b5+Ruw$?T{Y@s`2aH$KyGQMtw<{lJsCU<cS5B@(C5^IQI0
z&%AXndi0iKBaC0-pTzKAg2N#|ahS{v*T6C^OBVN9MyH?^rr8B{L2uwSN*a+wznE!!
zX3=cBpAHUyInZroMG{bt%P%EC9*<Oo?+gy=66r-Kd}#xk9CxFtR}l5p;ZYS6zl^Cx
zR&r|vThipBaF7TJrgKBCTP{>*A}4=KCiFN`PmbrhU3b7#B}d~2z0=aD*b9o77&PIE
zf$9(-^LvxtSI$4gmo{MX87=L6(JIdkeFjPmaHEO%HyqqAb<2#+I-DLRleGpHJ-uyP
zyzF;|Ai!_X?Lr1>+%o<f-t5)ZMYNR({O~1knySPno6b5Gqpu^&fu2`uYI@(R{|0}}
z^{$&1?MsWw1&zd~`7=@<8qJh=mtUQ4u0Xw_D>^z-GoDae=0B>1CGrwc{h`geLy=(|
zupWgO1ZwL(q?2N%1v};z0@24>p9c%`0Kf)Xo6qvic9+?1k|$*RfrWT>x*_zTgE>6Y
z%EqXlZE?LDJQ7u(!v^e6*T0q!bfY@Bz?Od5AB?|E^h-2smQ!u*><=BrXx28)tqXNb
z);1hJ$Cfa2!8D>}fcqe8BWr~fKwv!6KjcJrE>Y@fvh(zNTtZkla9$?=FuiUel=;wA
zXJsJzP=X-xqqQQQKd4GoL#9HH{dXI11sfm~QW?$=gSOi5en)P(xu7V|GmqC#RedmZ
zcRF?8QMQj7ew;Z#0Ggcqun#QVUW;f4qN;fi5|{Q$_|#u{mkdx$CwuGbmAO|I$V7sJ
zURu@~BS_GuH_saCk1#8%LI&T|NL0DRlA@f`=5@p{u>`;3_XpX?&!)M=N)k#;>jIEg
zVMOwVV?Vy(cKNZmepxZTYW(L%1?=N@>H@Z&w_leNlRM_K9jpdU=~5V%bftR&cPpBO
zan5@p2<7IHaW0Avl~xa)x%9{>dphO6U2H=y0FGvbsl_$~H-LN1XXNOK(MM7#twYi$
z7*%2462thohyWYQ*#_-Eb>>WjX8Ofo7d7+qAr#Gi&8jK!m?(!*Keyks-oWKN?Rm(J
z$<3Kc`}syFSdY>$d<{LgAlCP4ks|W1;>qx;&!@A9%b#nZW4~_%+7v3_`GFtJVg3w$
zLfUQsMF!k+@I+m)gXQnO#u3ngOr&&TwJ^+H>YsJH>w`Hi$F5mo^?24!=!t0wCu)?=
zul`-+3el@8#tPV~FZ{~*sQ+aV%otH>W{!8-koie?42KiARF?IC{HZ-!rAQ$ITY$f<
zm#AmvKKBUs!=+yiUlDcmBW%%#MDH)Mu9LH{-`lMAQt?b~r`daQ%I8R~f}ZCjrnA^U
z+~l5InVG`}yD$<rmBX@~oNOO}XEYjh`B0z7g3Roc7o0p$HgcbwEI^MOiJ0mv9e3ua
zDhHAV&}YdeuN+pivHKQT<hD@nf36u!%R<r;;nO$v1=HYFc+>K0s?bRM>DA`pmf6a1
zDtB%MYfs#YocWAYZ4hzi6P87*A4SWBqx39s{Jf(R&x?C?l?3$`y;&C;Pn^vintg5I
zUYN!wh~Ze*SL`C(5YGQ?XQcEZ3<Pw}ywA!?u{Sh1$J(8L^nl_0iMGrT5ePekl!#D(
t3LozQAr1lE6W#UKOCTt@KigwXn?pk{oIb1jmX=R;Di4g%#Q(RY{TIa_xdi|K

literal 3699
zcmai%Ra6uV*M*s3NQVJLLb_9MhVGUwY3T+DDZv>eWT>G_X#r`FMmmI{M4AEVl4cM=
zkdpZP*8i{fz5FiDI&1HJaqjkd4ipLT1OjlONC*c$5pSeg<T(j|0FaM_P=Sz;`+sc+
z6iFEHZ-k$ZBy{_0IRgPWf0xa_2>@#SkH8~=>O*1wN-&fiM3%O4#V*EDp5y1@KacD<
zkN^S+aiCy)!vDJpB*MdiGT;;0M5+NCaX|oH5Lt8YEo!L=<M_(|f}1wU{^kvm;3!+o
zDXEjbv7Y*2=Z^D%7G&I=>C_oh1}0gX{kb>EXM5g%kJ7*cH8(-jIQsravs2&??>v{_
zENOFL-PdCSwL6$xKV>$gMpB`&i_tGxBQ%TK<%YN!HA)8^JF4zb<I}K4t6Nyi2t@CY
z8f}hKn*ZJiY381LS=syHQ#Q=cQPngu|3V{*>sFq>blIy!DNZ0MzpMT+c)t=EZ$u*`
z%FTCP^;k~T!K3AoI%h*zu)&~D9CdQhxq5mP$=#RR5)tVPbDO=2mAuHWPg@D<wfHP&
zwHYJ6?g2q*OeU`d+%1eqGYeB=#Fq@w*Y)wga~=b2PnHO2UJ3tzO^)+Hgt{S;<C+rR
z8ZKLYnhr=-_c4v|j}6^r;&urW-{{`}Wp}f1dR{<RC^}j9L!xJ&{!X2ze|}jI;PQrc
zm;AA7UR@i@D=kYZ+UuYbLd9uW7l)y!<tHYLb0vzp1;oTLIU~^{Pe5J@U30MwGB$Ue
ziI@}8_E70#c%LjS-hog|Li#TPg?^~XGQl8ID=%R}uK9OpDyxW+jGK9R-aXEpmqhS(
z_6b9oMWrOM&(;GyV6d%YQwYD&i$SRi{zKC^<_%}XjachV<nh;B-4FH}esJewIwvbB
zYU**l`sY~0gAl96En=Q0w;R<yQ67N7u4iAw9!Fxx-8p^oveWOOH>j5jXX&m4omYfi
zaB3i&K+gO!;i>Ub7ceBKo|cfo>f$$PGOg5L^1E*piZDE0;eui~t(~N#3B+mcc%#Rq
z{;h87G1moNra61#srzW_;aa%!r>Tu%#M5M(2Q!J$ebJ8IyRfKQ_uDA-hy~rLq7ca|
zl!UWZH5i`Rg_g~l^iqBGxxWeFeaU>d#YKRX50Ra?IASbK`e^LR$D3&8Bh$vr&w|;#
zi_hGm%;=c#OGY{47}M*67<!FCaUZW^jl3lQxUkc8SHCmuiSB6k%WVAolNEw#A(pEP
zQuP>baUC+Wby(vydX*Ee2FE>ho;mp08*2NbeR7B2Mvc}#I+>XUUOIiSXy(sOov6(@
z7=@QZKPRpr)h@$<Dr0En$v4QA?8$;Up7qwBruc)&0-1DT^9`}4cY4%b!#UrwMI)$g
zH!F+H>MtBrZ)*LhnR-Cq{ab3(hDIM<%Z#K5zP-49>vFuHDX&{AbjPvwx?GolUVxGH
zFg_^m2tH0OejZmrCb_WWFrLb5EUx|$Tu<qZk*OLI^}~)Dhp#$BF`vgMj?&NeUU0N`
zn3koaR8;COU~c5n4z!cgA4!%wvPXxj>^!^rWz>*5t=6*W=X^gY^y2!GY*+Dh3+oC$
zI+t=xko3UKa9?zzg{e5XUK#uBbbYvVD;L#A2r6Wi7#nA~Hvn3Ov(v}ICQ$ZGA9(4~
zq7x8KcepwlR+pk_{fPT+Ytnuysx3c|f0+6*S7^whrOd9g`Iu2WQgfJZGWm~jXPssI
zSyLh?(3JS9ex}E(Z(iUD%N_UNNvJ}*xK&U961XGd@ak6NXRd^CW_{@k-O5KgmKi_-
zp)=k;pAE4$!FA2!yVFf{V9Bu&K^%slXUqVpmBL9roG5@6FzsDwj%BhU8XjdFck+kz
z&-xFpYTqnxKFwr)wG4g_IvZEcl}FsCq@d-HFF#4z!*9c-^{zuS$E5^#I_&#4J>iE^
zN*Rr>wYhXKlp564_sc>XoAAFAs|mhaK3mkMuPrAaXlKOTX}sQ05Fp8U=dt}8rETgL
zwjVpJQ`z`4VYNW%;><Cwhgz@MR%gCn;YJ^8?ns}cNWG|$n!Q2{*%=-^%-0Xdwti10
z-v$2l`{COp{vTM{SMsY+)snIDu%I%7*DhwwH!R;j3RlLu6&8#?rYCVvH}1ykG+88-
zXZY5)x4=7Tsd_52?F^IHf_u`Fg_!S0bm_y{sEaB&Vl9hhd~~vsvGjoqloViAh&ef4
zOBx(Rv|_WZtQS<0Mnq{eKo3!~J4TCuv-LjQV1b4n<ziE_wpNEV#%TyYuIYze3bckM
zIVLT^vG3;4V>g@Kw8gq2nD7|0qDCC_)%DJuL|;cwooxA*$fSQC6C8?A3n=>%7Q8xL
zEt05K;vP?_;=?d?w#ERiDDvR?f*v2m&73VXJdrwOTlDIW5@q=92sfIvA;)Tov589Z
zu=70>z3=Y~0k);YR3^Sg#PWV!Z&Gf$E!IS#6~e<Zj`-u5R042|>fcUXgq%&Z(A`U@
zuv?^YIqr_%PO*^WEZ=R|oT+?f2Q|O8xTGWOq^OKai%k`Wo)HVWY{V%twPQUgB2y%%
z<`36)^Np;uq)nwy4Fb(OhQ!<QBty|e`!96SN~WxU6mM(ukO$q_BV$G>_L~yHyuW4*
zfQv<d{D)7<-wy#J*;&7fEQem@QaW44KQqRAKK9cqdR5rc<}9MFdu~*W{r&J034^7l
z?8l^=H947DyWf1zk1M%f3^A2ev??u0`PHq5cmvcU*k>qy{fZ{Bq4d4W{@x`HzE}h$
zWn9LM+(-1A?OS`kp=*7g?*ENV%DN#f$M|I5Jo%ApxVK4Yg7p&g(03(|YlzoJ^Uc$D
zs^^I@q@_Bf+^7wSUs{8?Rby7J>TR1_KM#tjmx4e!GORGLql3F86{mnoi_;bbx#l{o
z@2$PygElkEmTVmT2Qhr55uST<Lzx@dG<~*qi5dw0mJ`Z(s_-Iq^48F1ba?lOuJ;$J
zSxh1ni5K?|NBkE|@Pa@{Jj7qy@9%iy-}`@N0TTm&e?y7CrpW&Sk%S_f-~%DH>5+m>
z3z<uV<^Kc`qXY;93x&wl@<ms?sh~OmAwd(BL>X{RB=pE#Aoy6P1LA3;9uOjsKvn-?
zfs&^2(l7t~Z8(L7JQi}>?*<377<{y9ay|cK=e@FQrO(FWJgXA%<aTtp7~`uge_>Zf
zOS0~s$SPqVMgsUmP7zOl=}c;X)+ulKkBpH!ESG<d@2%<_@e*<q-94)@V?n88r@Q89
zRx*1n?l^3RYxEy8@fWJC%h#pne=v2AV-{{V`I3={jj<%OIW6B7$Eu`<zKk3+2jf&I
z)&_HGxrByQWj^O;Dd8fQiuglGX?l<I9g~QM=dYbuM-w4E>RpqUb^TO^^mm%I+dgsl
z-zp>PdkH)|;=^EZMXq<qfsQ*+enXqr5vF!JPKR5lDh*|v^WD_Eqc-fJX(cg_A(u5w
z4#s0*uTWZW3rKPvPVbcfwJR%Nt=?=cKbJwshNMr=tC(a`!ft$wK(H`>&Q6`wMZyPF
z7*S){Kj1p$xrSmh4Yu@<W2)ccrS>kV3^Ok$54{wN{U<~47K^C!U$w7al<YD%Xa$)O
z6?`{H$m{UyKL30|F4toJAwe$K4ny~DQM0(nZA}eDx^SQRDVzs?>1jY|f8fzmMn#Q=
z!oby;l7V&HoI(DLLtYVMd_|lgsnALFtdj8#?P}&OC4<$8>Is76Tb_f~$NJs9uLc4m
z!X58J{KZn;uG{E7)r1pYUnK*jakq5{kM*9*1t56XvjT#6aOy1j$Inkx9H*OcGucc$
z3=0>{>RkTl8+LyED8<K<$nnWB#?e5y0i`Z;G`Bb3(?QKcqatQukg951&^Q$M9RgQr
zo0(f3sNv-q$CSl4Pw|NG5ZUo4>|M#(JbI!%DqCptLe-JMYSgueFwe4Jakq9oobE(A
zY^3JpuY_uSaRvEm%&PW2)t@b&%n`wM%K5>;WUX5bUwzieXRLzTV;tl$P~Y<GOE}3|
z$jV0wE#7FBr0p@5mmX>^3o6`ADPRwNf$J3zLEmYno)n;jpX>1z88Ebq5k}v>?+RmP
zP;JbhLA2XeB(uFew7+Z(eSfN2<SD<<Dtge~GZ`AZcj>|9UD{iKqgLN*tzwr<c*(5M
zF+WD;pg~H*PB~#*fI>+2s4ek5nDLz_av?SqHjllxG)mN^6`mEf3jd@wnTL&ZEHj=w
zeeSRKVz1gSg3Aq)s5abw#R2q^=B*g5#kpj=BlbV6L^v5#A-&0ZwCoU-6cjZLSN!de
zr^dt;wnyn2HfC*4G;RXBM)Q5qeC@GIQ*0W>dvjY(n^~A3Zi>R7q=NO=oF!!vN**y6
zAmw5;1xwhg{MQm1XH`4Ko)t2DfjtfsZnBNJ+WWBC=Z&L;q^%G>+Uc5;5L^4rJwZJz
z%7azUlknr#8O@i7<(ZibaSmC-e4itmAq~jfZIgUFuV8w;g$cm^n9!Gv>Amuwa*}GW
zNLcr(l4RYWg>E*npC2CM)FY0gu?&Z-v1*y&v6vwG(+4u-7qh7TjzAM^eBMI|6OS5V
zCOX{Y8q=9&54r`c)~=Nt!F?K$rpC?>q|b~v8ukaZxF{edq;~{g$h7uF+iVv6v(2WP
zBFAO2ZWfZ=glI<Y0y8)%S}iJ*-t{KoaELZn!HS=k;i7yGof3S$=>)qU61=htP_-Xi
zb6%`b3=fre@~W4BaX{JrDOw^*7!~LNR+Tjik<2X^IU_aY!uWG1*HWSjssM#SN&b1$
zfB-xk5c3QEJQfkhfSDcHrbfhaxxPyk2+u`jyb;PTkej3mBLopjg>dipXBx!)w`%_b
D4eZW{

diff --git a/src/BenchmarksApps/TLS/Nginx/config/cert.pem b/src/BenchmarksApps/TLS/Nginx/config/cert.pem
index cfd3b7981..19fb060b4 100644
--- a/src/BenchmarksApps/TLS/Nginx/config/cert.pem
+++ b/src/BenchmarksApps/TLS/Nginx/config/cert.pem
@@ -1,22 +1,35 @@
+Bag Attributes
+    localKeyID: 6A 28 3F AA A7 FF FC 12 9D F2 4C C0 E7 52 11 86 C7 92 62 19 
+subject=CN = localhost
+
+issuer=CN = localhost
+
 -----BEGIN CERTIFICATE-----
-MIIDrTCCApWgAwIBAgIUHKdletylaQOCsLr2hYlAx7CtYNUwDQYJKoZIhvcNAQEL
-BQAwfzELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcM
-DVNhbiBGcmFuY2lzY28xFTATBgNVBAoMDEV4YW1wbGUgQ29ycDEWMBQGA1UECwwN
-SVQgRGVwYXJ0bWVudDEUMBIGA1UEAwwLZXhhbXBsZS5jb20wHhcNMjUwNDAxMTE1
-MTU1WhcNMjYwNDAxMTE1MTU1WjB/MQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2Fs
-aWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzEVMBMGA1UECgwMRXhhbXBs
-ZSBDb3JwMRYwFAYDVQQLDA1JVCBEZXBhcnRtZW50MRQwEgYDVQQDDAtleGFtcGxl
-LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALtHEw2SKpAIBN/M
-zYNHdeUBr/+rl70+NULPOCNtHLBWxgb5qkhUi+weU3Szyju6ahYWeWLSmll9pEA8
-dyrR0D6OHo39o6RqH4KNHBMyIM3b1zvYdQCoXWFIBaLMzgS4I6YorMmiaIdd/rjT
-4IerkewQUidRUKD517dogWNwE8rP75joEGBPkTdA1g5EvqdrZFMEqfjvISr8VPns
-05BVBjOLpFmipKh+kgDvvnqENJKKUN3U34LobYuq+eJHgQljvE5NCF7lq3GtaGsB
-pVu1BnMmxA9mlxeEXbV7XcDbU4uYu03RG1b0zTNPf35YFTCj7ENe+xSwzpOEX7os
-zuBco+kCAwEAAaMhMB8wHQYDVR0OBBYEFOI/5fWJQJ7i4FDRi6LcINvIbjQ+MA0G
-CSqGSIb3DQEBCwUAA4IBAQA0MIxYSs3VI8DGQE/FLkNyDjVGK01LRliyTL6EEiAm
-I9PiCq5WYH+29u8wJV6YeveQ00EUx0IbHOo1Ojki0oDByNjnEU2JKEr+FeSi320Q
-GT9kn/tQuTTHZMIlqFOO+01f15ApaEyfOhDS1qC1zZWyjXSNC7/bVT1wVlH+hBGl
-n/VnaarlE4IQjH7XlVplYNwN6Cpl4796ns5q9nfQIFyePxJmUptvsaLWkICcF8fL
-oZfbxFLc8l/xT/vFpzHga096Ruhvqqolj7oGY2eFxAf/oUZqWPIa4zCP3WUaWPeU
-sBIETpjNwtjcrScm6D+DQO4B5eixCtrK51ye5/2t0Jb7
+MIIFCzCCAvOgAwIBAgIUAi7DqcEn4EsBm1lN4UcmmuxWPq0wDQYJKoZIhvcNAQEL
+BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MCAXDTIxMDIyNjE4MzI0OVoYDzIxMjEw
+MjAyMTgzMjQ5WjAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQDI5+DbDLpVmRFFB9YR1NwAbdPzf7cV8RB32pNVHzLj
+iJ9LNSq8yvI/k6xD3p8XHVJEC3TGMuOVK4Cn277nX9KSU/7lELMlz+yGikwli3aI
+u4A7NE84ACfR6ZFelAGcGr2nMze6K2YDwhhqG8SUBIhAjzjIXSf2+cv0Cq38cEX1
+WKy1h5xJm7FwuKlZsHmJw5Osk+8mFgHJ5TmKqJYtVd7b/ytAmeM2ByZ4eVCZ31rR
+ELKZ2uEWoCImLCtCfohxEnhrLm09yB7JrbbT/3JXHXyQUn3kGMczgwL/IZZwqtAf
+E4SiHVLI3cFwO3VJjpRfAbg3xFbxwzhmdlri3WsKT3iEp3P08WPi6dL7WF+PjpMl
+d9RZ587NBSqCmVfgBjY05wEcONSPyPY1gi5ZBDBm6J23feAOgZ8AZu/RKdAVgYBu
+Kr6o6ZKqsJ+U+M5cwrXw/Rv78YQyr9ZlfKALbybMKMrYuc9DqbPGBbryLxklh9kN
+wMJvt8FHEcmlbT5BsZJmm7JztPouN7mxMy1ZVJlGreyPD0mxET+O4DCz7UsA2CvB
+pKzLcRRHKKNbCwaeV/1UJKiyg4QWDGltlIKkIEhppv2vspl0Gh7xpZISJuWtmWiJ
+o03zSr7NUNvXRY3pmNQXad7PHanVyTCopCCpTiAQljDTTb803NGyKBHx3cz17HU9
+xQIDAQABo1MwUTAdBgNVHQ4EFgQUGyQOi+8yPBZziF7ruCfQB4ooTMUwHwYDVR0j
+BBgwFoAUGyQOi+8yPBZziF7ruCfQB4ooTMUwDwYDVR0TAQH/BAUwAwEB/zANBgkq
+hkiG9w0BAQsFAAOCAgEAHf+FN6rHdZJPdmUO1skpS9iVgXrKWGwo20Qrd3MttKfk
+xzFpOZLBEyn/qWmZe1YQqdcm4Yd7OjnKRb62zwE8gyTJlaA30qXGoJZrouWEAsWZ
+2//2h/Ju6XNy47p5F2UKAKqqGcSaDy9HEQF0wNwRz45LKYlJE7v7eDqo2TOampoH
+UXNRF9lKI4o+CKkSRquoqGXfw6GJmnxrozTzWl00igSXrX3+HkiKHNOgzaOoS+pP
+nFl/HI/jOFYh8AG/18U5iFBSTjXiyXmFvkb4309c188fJd1UMOVY1tbcfFWSftnL
+Ybk8UmGagtI9S8ExuQvk34TGDwj0vdKGiTBdL/qQ1vzxqLo2U7fHRcktSo27Ogtp
+JCzfyXKb41Cu4VOmzllTlhbg/p68rEeYcVIeZl86Yh3bFZNVpvHW9vzn8iLIXpGf
+nyt/XXG0cgkTPeWZ+zTPHLx/9YZBXViUuXobXLeUhueCaWGHYPkzKcV1c1B9oJjc
+/3JWbJVERFxMGgJpQUrTMerUCmY3C2lfPBm48ZmPCjmUUdWsh5vu2pVe+3hBIFeb
+Y/kkOuRqAmiW+EmjFNQNdcxsDstd1AeipapPSH0TLWTqvAs8MndoNmfHyOFomV38
+Els5LL5Pomm27oVq6JM1geF1jKShAnO/w/dlRXcB0PFJIlpWKpw7OE5qqPpoiZY=
 -----END CERTIFICATE-----
diff --git a/src/BenchmarksApps/TLS/Nginx/config/key.pem b/src/BenchmarksApps/TLS/Nginx/config/key.pem
index d5870a3ce..a1b7ce67f 100644
--- a/src/BenchmarksApps/TLS/Nginx/config/key.pem
+++ b/src/BenchmarksApps/TLS/Nginx/config/key.pem
@@ -1,28 +1,55 @@
+Bag Attributes
+    localKeyID: 6A 28 3F AA A7 FF FC 12 9D F2 4C C0 E7 52 11 86 C7 92 62 19 
+Key Attributes: <No Attributes>
 -----BEGIN PRIVATE KEY-----
-MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC7RxMNkiqQCATf
-zM2DR3XlAa//q5e9PjVCzzgjbRywVsYG+apIVIvsHlN0s8o7umoWFnli0ppZfaRA
-PHcq0dA+jh6N/aOkah+CjRwTMiDN29c72HUAqF1hSAWizM4EuCOmKKzJomiHXf64
-0+CHq5HsEFInUVCg+de3aIFjcBPKz++Y6BBgT5E3QNYORL6na2RTBKn47yEq/FT5
-7NOQVQYzi6RZoqSofpIA7756hDSSilDd1N+C6G2LqvniR4EJY7xOTQhe5atxrWhr
-AaVbtQZzJsQPZpcXhF21e13A21OLmLtN0RtW9M0zT39+WBUwo+xDXvsUsM6ThF+6
-LM7gXKPpAgMBAAECggEABxOKxcLVzDbGsF+AYyB/yj/DvbO8emXFBMQ9s8ul/4fC
-gyBLQzZmnxe6QY5K6vItRgO4DHg2utZDhDsvVDU0sC3AkSREsFa44BRNkPAeSzOu
-W1A02OnZCsRPlN+LkqQT5222sbEVpV/I2y+uVpIGDoHDXkGf+/p/ddUDZpV6j07h
-bsJCmXsNGWgy3PvF/WvLPS1PQ4ktVku2k9MdDoTVxOB1WipFw5mnO8Pe0v24gJuK
-QQLnQXUneRI53+2eU5iekdYp8RXxIsZIx37zysuUvKA5cfLCMztEcOgPor9/Zbph
-8SnUrMgSnbQGtEQA+jILtiUX3zAzfxnqdZIENIG+8QKBgQD2G2A6RJ3CzoFbh3dK
-C4ihGmHBR39w4eW9mpqzb9+a0bZzKdgPGML7dYeFz9Zr7WpJRKpsrvuOkm9m8h27
-T7rbVRNveKaJB35VwqEm+wFKg6z6ORWQmjYr0BObxF4wv41unmPN8BmliVVkQKQd
-B89xhZmpcYg1d8aC/+8jcxVHPQKBgQDCzk0Uio113qNDROJxsbiVtAOFvcL9kFhs
-EewRjc9dE6eujhO290ZoiEKz8V4zOpsz0mMJuS0/pM2wJNXWRzDN+UCmYboqpT0T
-O1cXRDMt8NLb6RxAn66lhj66s1oTVflYhHHm9Ytxf960EsvtmCHIJvYldy4/YP9H
-BPgM0wr6HQKBgHrcLczI5m0TBHb6CK45Vcr/TZ/cnp1u2G8wGFzN07YJTWjukcLv
-nJ9GDBLcL/IPQsky81VwgXqqVdzxr7AL3H+UWDCE7bZovEP59tNr6TgWxirghoh6
-w+JZbQCNJmx1pBh+D9sGKvd9uNhkgMlRVdkZVh3F5La0hbBuLibnU88NAoGAPAjh
-/lOYttuPCvseohU4IoKgl0Xc4tHqPhvj2aEPZ8rX4VaNwtQ/0ZU0oUngUv9bt0O+
-G9ACntuGPCON9wRniQKopt31RpE32kZuV5BACYdvJDCZ8VyEsSRHDriZKN5VAq+G
-frvrZmYW1v339NfuiUVglDk/em7FHTjtzN35Qw0CgYBqc1Dcz7vOs7sHQr2cslEI
-dGAwlV9F3D8bYgKt2cYtgbNIK6gfmZmJBbfVTtwataV9oV2o6cbeNK8SL7qScc3R
-Pbu3UNpFk7cBlHi9OVJwdpZaYG8ITkQGvwa8V6+EwgzOKcrHgBC9Efso20v32SyN
-9JJgBEYMrvx2awpN+af1iA==
+MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQDI5+DbDLpVmRFF
+B9YR1NwAbdPzf7cV8RB32pNVHzLjiJ9LNSq8yvI/k6xD3p8XHVJEC3TGMuOVK4Cn
+277nX9KSU/7lELMlz+yGikwli3aIu4A7NE84ACfR6ZFelAGcGr2nMze6K2YDwhhq
+G8SUBIhAjzjIXSf2+cv0Cq38cEX1WKy1h5xJm7FwuKlZsHmJw5Osk+8mFgHJ5TmK
+qJYtVd7b/ytAmeM2ByZ4eVCZ31rRELKZ2uEWoCImLCtCfohxEnhrLm09yB7JrbbT
+/3JXHXyQUn3kGMczgwL/IZZwqtAfE4SiHVLI3cFwO3VJjpRfAbg3xFbxwzhmdlri
+3WsKT3iEp3P08WPi6dL7WF+PjpMld9RZ587NBSqCmVfgBjY05wEcONSPyPY1gi5Z
+BDBm6J23feAOgZ8AZu/RKdAVgYBuKr6o6ZKqsJ+U+M5cwrXw/Rv78YQyr9ZlfKAL
+bybMKMrYuc9DqbPGBbryLxklh9kNwMJvt8FHEcmlbT5BsZJmm7JztPouN7mxMy1Z
+VJlGreyPD0mxET+O4DCz7UsA2CvBpKzLcRRHKKNbCwaeV/1UJKiyg4QWDGltlIKk
+IEhppv2vspl0Gh7xpZISJuWtmWiJo03zSr7NUNvXRY3pmNQXad7PHanVyTCopCCp
+TiAQljDTTb803NGyKBHx3cz17HU9xQIDAQABAoICADgpGaIiHLRw5XL2jdDOP/Ge
+wfD/cp6flIrsfuL8pa0VM/JCGoBL+wvqq+0M/kvn1mdPDIWbFCNO1dgWhXcIQkTF
+ViuST4HybZvubPrR0YDHaUEjjkGJSZhUQl694PVSRFHI73sLRqkmSMzglkMKQUxK
+vQTFhbZ0fZ7qnVhDykqbTywvjHDHJQLtm+mGe3MXSOClOeTbogReH4ezOMfTiUjW
+O7EDU5B2zzo+L1nUJf7rPAHmPaWlfeZN0onz9RAmqaLMh50NpA2ckc8RSVUw2PE/
+HhH1Gzo7FUtciEFWfncxbZIjwFCGLNzCwjadtLwaLvTn3aYXfFyoGR/x5UosjPOI
+wErw3qp2phIGhXQtw2n0vNJEVqQVOvUGE/enUdXhzbaLZIvwdLCjqz1sgt1/qyrj
+Gw6FLtSj9r1dcxy6IwawzSWHhMp6WC1QxPJrw6ho34Tp3ATEPi0vDOY6CKbt6sjb
+t7M6yqgb+XRp2An3ynsthCRfkRrfnYB5TMLzP2t03LpKtOM3/dikWPhKvc5xCw4l
+fKVQxEm7uC7IpLdMK7RNU+eE2V2zicEiHMy356VLewsxDSG5apV2LKKs6y4iYowZ
+3SJ0/uCbXiqXusdYXfhTAm5FaJPAqYXFq7ItvI0/tPzgYSV/6M/TD//KTptXtNJZ
+38lvcYZIkEvQPZY4QCLBAoIBAQD5PduTz6zZK9QA0aAYMuoHoyOh1nDQWTFkp9g5
+3mPKHAvgiNAH38a9lqSTyGYC/EVjWjw3jM47P7l6c8uxdwRwqDVDlHJrzbdh3p6J
+014oQ2MTmSpqqUW/6MpQgtnC6aqySKzJCiYF9dbqHmOE9DjOi0AfQ2W+U2afvVCp
+FgSFgV+zTE/bxnXkaY8er1lwUNkUPQWr4+z3Zh9q2SSnTar2yYsnmVQn+TWsKA2o
+oNPY0hDaXCX1zAE41Lj7Lf/gJb+Au3w/w/iQRg0oef66EU0XeyGOHahj6vgFxoEk
+e5WB6gL9sxsZ7xrqUHnov3TA8S1ZzkWYjbjpCjv+Mv+kflP7AoIBAQDOWn28sKvR
+X0NWVP8Rb1PrESRe4wCYjE+gU/Jmey6Ez0KF+Zep05EVI6axPZtbHPA6MCrS8IWG
++S9Tdk4ZX+1czQdewAlUNbL79qElknkrCZeeLz5fhIYtCTwaobKV7O9V/qq90EOR
+TJdPiZKdU3Z7ui2IGAFJuxthxsBK2zMTK7laOoenSC765kSuVq6nc+zAGNDFI9Bp
+/ocVSdcJQHUgsYxn3/jb5KirliQuvcxFIFHloU2tXCdC1SUkdl+/5ym0iGNdlCGh
+uQsr9MBEjHBnOsQ2YqMenSm2etVuGmwMJSN4TkpuqjFx0prLWkT+1RVQeUXNnVNu
+j5YeEpr6hEk/AoIBAQDHf1zHRj57IhqygRfc5rvuWwWFX6izDAF+KN7pCvni52oW
+Ukv5UYO5ct/OrmQA1b4QlUSHzjuwrwQeYJtVNAeoyOrBagvgACxduRw7A6VlIvMl
+175c25rJzmJJ6UK2QeRwib1LucTPloRspuBPpk/l+w3bOE4y9ny5NYZfoREDb5eT
+Y2y0ZHku19NH42D6hqwLCAEHIgwlxmc1VhOBmqhSmuW4T4FN8aqlXvX32KtY7GOy
+9Hkp8h20SIi7/IjH+E79kpQUUh8eFAQqNuPOOVT0i4lDQLftKkFWFhp+gjEcaJv2
+R6tUqc9oZ/v8cWrZmPIM5Q9N2Xp9hcSZZma7WqaLAoIBAEk0zTqtqqbilu7/xGWZ
+CzpvoGmROtrjnDQS1AILXVt8c+s3uthi2CuZtD9Yzc6rG4ZpJCglcBmMOX/wjpBt
++bVcf2rb0fNwAYll25GKvzXHd2SE+inEyB0eE5aXGtYZcmcdq9EfG3lmpJ9w/PSX
+cYc/a3vGmF5h5LrxWbK0xQ/eCSm7bfiooRIdsuvukJOTisAzjY0CwaN4ys+AnKsJ
+lQP+OQN4776DBlupLjju2JMFfkhqyzXfZYZOO5kN7bYU+jSz1hySusO29AGqGLO4
+5v+YV5e7sobf1raIKUOgWAiO/GBn1fwgoN3yizvtUGDfk2ozO9JQKBMnGWidzSFm
+4N0CggEBALLPDQCol67RBsDxPzYDVn3g2nLGYqrr0UP9Qd/MoY+IsPv3VNbjo8qF
+JyskoycIRk7M+GAd5dgmboi3uZomoUIoy2nUFaMq6I6JfMfYKggy6yfYS/WK2XnV
+2yaSQEAlUCLf3GPk4OFkisqQuvnSg5GJlYlraG+w4kwNxKije5l6pqVf5op8/Qu7
+tBQfPd4pDLBq2NRJUqMTper4H3o6N66i0cUv4yzhi832RET38ieCDSJyC9ivtDfD
+HA3f3s5KQMBz3DE5/PelAeO989UVZ4FR5azdSznaykbKbDO5b6GngjcCFGV/jdST
+lOZIsIthM9vRTfPNs6cuapFulsL0qWM=
 -----END PRIVATE KEY-----

From ed3a43cf3c4417448cb3cdf79cc835d3d446059f Mon Sep 17 00:00:00 2001
From: Dmitrii Korolev <dmkorolev@microsoft.com>
Date: Wed, 2 Apr 2025 15:26:33 +0200
Subject: [PATCH 17/32] configure bit length

---
 scenarios/tls.benchmarks.yml                  |  4 +-
 src/BenchmarksApps/TLS/Certificates/README.md |  5 ++
 src/BenchmarksApps/TLS/Nginx/Dockerfile       | 13 +++--
 src/BenchmarksApps/TLS/Nginx/config/cert.pem  | 35 ------------
 src/BenchmarksApps/TLS/Nginx/config/key.pem   | 55 -------------------
 .../TLS/Nginx/{ => config}/start-nginx.sh     |  0
 6 files changed, 16 insertions(+), 96 deletions(-)
 create mode 100644 src/BenchmarksApps/TLS/Certificates/README.md
 delete mode 100644 src/BenchmarksApps/TLS/Nginx/config/cert.pem
 delete mode 100644 src/BenchmarksApps/TLS/Nginx/config/key.pem
 rename src/BenchmarksApps/TLS/Nginx/{ => config}/start-nginx.sh (100%)

diff --git a/scenarios/tls.benchmarks.yml b/scenarios/tls.benchmarks.yml
index 901a48e71..0eba1c877 100644
--- a/scenarios/tls.benchmarks.yml
+++ b/scenarios/tls.benchmarks.yml
@@ -248,8 +248,8 @@ scenarios:
   tls-handshakes-docker-nginx:
     application:
       job: dockerLinuxNginxServer
-      # buildArguments:
-      # - SSL_LOGGING_ENABLED=false
+      buildArguments:
+      - CERT_KEY_LENGTH=2048
     load:
       job: httpclient
       variables:
diff --git a/src/BenchmarksApps/TLS/Certificates/README.md b/src/BenchmarksApps/TLS/Certificates/README.md
new file mode 100644
index 000000000..fbd0a8ca0
--- /dev/null
+++ b/src/BenchmarksApps/TLS/Certificates/README.md
@@ -0,0 +1,5 @@
+# Certificates
+
+Certificate public-key length contributes to performant significantly, therefore there are 2 sets of certificates in corresponding directories ([2048 bit](./2048/) and [4096 bit](./4096/)).
+
+Both directories have a `testCert.pfx` and `cert.pem`/`key.pem` (different certs, but same key-length).
diff --git a/src/BenchmarksApps/TLS/Nginx/Dockerfile b/src/BenchmarksApps/TLS/Nginx/Dockerfile
index c9a17a830..43bdf871b 100644
--- a/src/BenchmarksApps/TLS/Nginx/Dockerfile
+++ b/src/BenchmarksApps/TLS/Nginx/Dockerfile
@@ -1,10 +1,15 @@
 FROM nginx:latest
 
-# Copy configuration and SSL certificates
+# or 4096 key length
+ARG CERT_KEY_LENGTH=2048 
+
+# Copy configuration
 COPY config/nginx.conf /etc/nginx/nginx.conf
-COPY config/cert.pem /etc/nginx/certs/cert.pem
-COPY config/key.pem /etc/nginx/certs/key.pem
-COPY start-nginx.sh /start-nginx.sh
+COPY config/start-nginx.sh /start-nginx.sh
+
+# Copy SSL certificates
+COPY ../Certificates/${CERT_KEY_LENGTH}/cert.pem /etc/nginx/certs/cert.pem
+COPY ../Certificates/${CERT_KEY_LENGTH}/key.pem /etc/nginx/certs/key.pem
 
 # Make the script executable
 RUN chmod +x /start-nginx.sh
diff --git a/src/BenchmarksApps/TLS/Nginx/config/cert.pem b/src/BenchmarksApps/TLS/Nginx/config/cert.pem
deleted file mode 100644
index 19fb060b4..000000000
--- a/src/BenchmarksApps/TLS/Nginx/config/cert.pem
+++ /dev/null
@@ -1,35 +0,0 @@
-Bag Attributes
-    localKeyID: 6A 28 3F AA A7 FF FC 12 9D F2 4C C0 E7 52 11 86 C7 92 62 19 
-subject=CN = localhost
-
-issuer=CN = localhost
-
------BEGIN CERTIFICATE-----
-MIIFCzCCAvOgAwIBAgIUAi7DqcEn4EsBm1lN4UcmmuxWPq0wDQYJKoZIhvcNAQEL
-BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MCAXDTIxMDIyNjE4MzI0OVoYDzIxMjEw
-MjAyMTgzMjQ5WjAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwggIiMA0GCSqGSIb3DQEB
-AQUAA4ICDwAwggIKAoICAQDI5+DbDLpVmRFFB9YR1NwAbdPzf7cV8RB32pNVHzLj
-iJ9LNSq8yvI/k6xD3p8XHVJEC3TGMuOVK4Cn277nX9KSU/7lELMlz+yGikwli3aI
-u4A7NE84ACfR6ZFelAGcGr2nMze6K2YDwhhqG8SUBIhAjzjIXSf2+cv0Cq38cEX1
-WKy1h5xJm7FwuKlZsHmJw5Osk+8mFgHJ5TmKqJYtVd7b/ytAmeM2ByZ4eVCZ31rR
-ELKZ2uEWoCImLCtCfohxEnhrLm09yB7JrbbT/3JXHXyQUn3kGMczgwL/IZZwqtAf
-E4SiHVLI3cFwO3VJjpRfAbg3xFbxwzhmdlri3WsKT3iEp3P08WPi6dL7WF+PjpMl
-d9RZ587NBSqCmVfgBjY05wEcONSPyPY1gi5ZBDBm6J23feAOgZ8AZu/RKdAVgYBu
-Kr6o6ZKqsJ+U+M5cwrXw/Rv78YQyr9ZlfKALbybMKMrYuc9DqbPGBbryLxklh9kN
-wMJvt8FHEcmlbT5BsZJmm7JztPouN7mxMy1ZVJlGreyPD0mxET+O4DCz7UsA2CvB
-pKzLcRRHKKNbCwaeV/1UJKiyg4QWDGltlIKkIEhppv2vspl0Gh7xpZISJuWtmWiJ
-o03zSr7NUNvXRY3pmNQXad7PHanVyTCopCCpTiAQljDTTb803NGyKBHx3cz17HU9
-xQIDAQABo1MwUTAdBgNVHQ4EFgQUGyQOi+8yPBZziF7ruCfQB4ooTMUwHwYDVR0j
-BBgwFoAUGyQOi+8yPBZziF7ruCfQB4ooTMUwDwYDVR0TAQH/BAUwAwEB/zANBgkq
-hkiG9w0BAQsFAAOCAgEAHf+FN6rHdZJPdmUO1skpS9iVgXrKWGwo20Qrd3MttKfk
-xzFpOZLBEyn/qWmZe1YQqdcm4Yd7OjnKRb62zwE8gyTJlaA30qXGoJZrouWEAsWZ
-2//2h/Ju6XNy47p5F2UKAKqqGcSaDy9HEQF0wNwRz45LKYlJE7v7eDqo2TOampoH
-UXNRF9lKI4o+CKkSRquoqGXfw6GJmnxrozTzWl00igSXrX3+HkiKHNOgzaOoS+pP
-nFl/HI/jOFYh8AG/18U5iFBSTjXiyXmFvkb4309c188fJd1UMOVY1tbcfFWSftnL
-Ybk8UmGagtI9S8ExuQvk34TGDwj0vdKGiTBdL/qQ1vzxqLo2U7fHRcktSo27Ogtp
-JCzfyXKb41Cu4VOmzllTlhbg/p68rEeYcVIeZl86Yh3bFZNVpvHW9vzn8iLIXpGf
-nyt/XXG0cgkTPeWZ+zTPHLx/9YZBXViUuXobXLeUhueCaWGHYPkzKcV1c1B9oJjc
-/3JWbJVERFxMGgJpQUrTMerUCmY3C2lfPBm48ZmPCjmUUdWsh5vu2pVe+3hBIFeb
-Y/kkOuRqAmiW+EmjFNQNdcxsDstd1AeipapPSH0TLWTqvAs8MndoNmfHyOFomV38
-Els5LL5Pomm27oVq6JM1geF1jKShAnO/w/dlRXcB0PFJIlpWKpw7OE5qqPpoiZY=
------END CERTIFICATE-----
diff --git a/src/BenchmarksApps/TLS/Nginx/config/key.pem b/src/BenchmarksApps/TLS/Nginx/config/key.pem
deleted file mode 100644
index a1b7ce67f..000000000
--- a/src/BenchmarksApps/TLS/Nginx/config/key.pem
+++ /dev/null
@@ -1,55 +0,0 @@
-Bag Attributes
-    localKeyID: 6A 28 3F AA A7 FF FC 12 9D F2 4C C0 E7 52 11 86 C7 92 62 19 
-Key Attributes: <No Attributes>
------BEGIN PRIVATE KEY-----
-MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQDI5+DbDLpVmRFF
-B9YR1NwAbdPzf7cV8RB32pNVHzLjiJ9LNSq8yvI/k6xD3p8XHVJEC3TGMuOVK4Cn
-277nX9KSU/7lELMlz+yGikwli3aIu4A7NE84ACfR6ZFelAGcGr2nMze6K2YDwhhq
-G8SUBIhAjzjIXSf2+cv0Cq38cEX1WKy1h5xJm7FwuKlZsHmJw5Osk+8mFgHJ5TmK
-qJYtVd7b/ytAmeM2ByZ4eVCZ31rRELKZ2uEWoCImLCtCfohxEnhrLm09yB7JrbbT
-/3JXHXyQUn3kGMczgwL/IZZwqtAfE4SiHVLI3cFwO3VJjpRfAbg3xFbxwzhmdlri
-3WsKT3iEp3P08WPi6dL7WF+PjpMld9RZ587NBSqCmVfgBjY05wEcONSPyPY1gi5Z
-BDBm6J23feAOgZ8AZu/RKdAVgYBuKr6o6ZKqsJ+U+M5cwrXw/Rv78YQyr9ZlfKAL
-bybMKMrYuc9DqbPGBbryLxklh9kNwMJvt8FHEcmlbT5BsZJmm7JztPouN7mxMy1Z
-VJlGreyPD0mxET+O4DCz7UsA2CvBpKzLcRRHKKNbCwaeV/1UJKiyg4QWDGltlIKk
-IEhppv2vspl0Gh7xpZISJuWtmWiJo03zSr7NUNvXRY3pmNQXad7PHanVyTCopCCp
-TiAQljDTTb803NGyKBHx3cz17HU9xQIDAQABAoICADgpGaIiHLRw5XL2jdDOP/Ge
-wfD/cp6flIrsfuL8pa0VM/JCGoBL+wvqq+0M/kvn1mdPDIWbFCNO1dgWhXcIQkTF
-ViuST4HybZvubPrR0YDHaUEjjkGJSZhUQl694PVSRFHI73sLRqkmSMzglkMKQUxK
-vQTFhbZ0fZ7qnVhDykqbTywvjHDHJQLtm+mGe3MXSOClOeTbogReH4ezOMfTiUjW
-O7EDU5B2zzo+L1nUJf7rPAHmPaWlfeZN0onz9RAmqaLMh50NpA2ckc8RSVUw2PE/
-HhH1Gzo7FUtciEFWfncxbZIjwFCGLNzCwjadtLwaLvTn3aYXfFyoGR/x5UosjPOI
-wErw3qp2phIGhXQtw2n0vNJEVqQVOvUGE/enUdXhzbaLZIvwdLCjqz1sgt1/qyrj
-Gw6FLtSj9r1dcxy6IwawzSWHhMp6WC1QxPJrw6ho34Tp3ATEPi0vDOY6CKbt6sjb
-t7M6yqgb+XRp2An3ynsthCRfkRrfnYB5TMLzP2t03LpKtOM3/dikWPhKvc5xCw4l
-fKVQxEm7uC7IpLdMK7RNU+eE2V2zicEiHMy356VLewsxDSG5apV2LKKs6y4iYowZ
-3SJ0/uCbXiqXusdYXfhTAm5FaJPAqYXFq7ItvI0/tPzgYSV/6M/TD//KTptXtNJZ
-38lvcYZIkEvQPZY4QCLBAoIBAQD5PduTz6zZK9QA0aAYMuoHoyOh1nDQWTFkp9g5
-3mPKHAvgiNAH38a9lqSTyGYC/EVjWjw3jM47P7l6c8uxdwRwqDVDlHJrzbdh3p6J
-014oQ2MTmSpqqUW/6MpQgtnC6aqySKzJCiYF9dbqHmOE9DjOi0AfQ2W+U2afvVCp
-FgSFgV+zTE/bxnXkaY8er1lwUNkUPQWr4+z3Zh9q2SSnTar2yYsnmVQn+TWsKA2o
-oNPY0hDaXCX1zAE41Lj7Lf/gJb+Au3w/w/iQRg0oef66EU0XeyGOHahj6vgFxoEk
-e5WB6gL9sxsZ7xrqUHnov3TA8S1ZzkWYjbjpCjv+Mv+kflP7AoIBAQDOWn28sKvR
-X0NWVP8Rb1PrESRe4wCYjE+gU/Jmey6Ez0KF+Zep05EVI6axPZtbHPA6MCrS8IWG
-+S9Tdk4ZX+1czQdewAlUNbL79qElknkrCZeeLz5fhIYtCTwaobKV7O9V/qq90EOR
-TJdPiZKdU3Z7ui2IGAFJuxthxsBK2zMTK7laOoenSC765kSuVq6nc+zAGNDFI9Bp
-/ocVSdcJQHUgsYxn3/jb5KirliQuvcxFIFHloU2tXCdC1SUkdl+/5ym0iGNdlCGh
-uQsr9MBEjHBnOsQ2YqMenSm2etVuGmwMJSN4TkpuqjFx0prLWkT+1RVQeUXNnVNu
-j5YeEpr6hEk/AoIBAQDHf1zHRj57IhqygRfc5rvuWwWFX6izDAF+KN7pCvni52oW
-Ukv5UYO5ct/OrmQA1b4QlUSHzjuwrwQeYJtVNAeoyOrBagvgACxduRw7A6VlIvMl
-175c25rJzmJJ6UK2QeRwib1LucTPloRspuBPpk/l+w3bOE4y9ny5NYZfoREDb5eT
-Y2y0ZHku19NH42D6hqwLCAEHIgwlxmc1VhOBmqhSmuW4T4FN8aqlXvX32KtY7GOy
-9Hkp8h20SIi7/IjH+E79kpQUUh8eFAQqNuPOOVT0i4lDQLftKkFWFhp+gjEcaJv2
-R6tUqc9oZ/v8cWrZmPIM5Q9N2Xp9hcSZZma7WqaLAoIBAEk0zTqtqqbilu7/xGWZ
-CzpvoGmROtrjnDQS1AILXVt8c+s3uthi2CuZtD9Yzc6rG4ZpJCglcBmMOX/wjpBt
-+bVcf2rb0fNwAYll25GKvzXHd2SE+inEyB0eE5aXGtYZcmcdq9EfG3lmpJ9w/PSX
-cYc/a3vGmF5h5LrxWbK0xQ/eCSm7bfiooRIdsuvukJOTisAzjY0CwaN4ys+AnKsJ
-lQP+OQN4776DBlupLjju2JMFfkhqyzXfZYZOO5kN7bYU+jSz1hySusO29AGqGLO4
-5v+YV5e7sobf1raIKUOgWAiO/GBn1fwgoN3yizvtUGDfk2ozO9JQKBMnGWidzSFm
-4N0CggEBALLPDQCol67RBsDxPzYDVn3g2nLGYqrr0UP9Qd/MoY+IsPv3VNbjo8qF
-JyskoycIRk7M+GAd5dgmboi3uZomoUIoy2nUFaMq6I6JfMfYKggy6yfYS/WK2XnV
-2yaSQEAlUCLf3GPk4OFkisqQuvnSg5GJlYlraG+w4kwNxKije5l6pqVf5op8/Qu7
-tBQfPd4pDLBq2NRJUqMTper4H3o6N66i0cUv4yzhi832RET38ieCDSJyC9ivtDfD
-HA3f3s5KQMBz3DE5/PelAeO989UVZ4FR5azdSznaykbKbDO5b6GngjcCFGV/jdST
-lOZIsIthM9vRTfPNs6cuapFulsL0qWM=
------END PRIVATE KEY-----
diff --git a/src/BenchmarksApps/TLS/Nginx/start-nginx.sh b/src/BenchmarksApps/TLS/Nginx/config/start-nginx.sh
similarity index 100%
rename from src/BenchmarksApps/TLS/Nginx/start-nginx.sh
rename to src/BenchmarksApps/TLS/Nginx/config/start-nginx.sh

From 2c72fc0b1fd384559e616469b79492fc4da0d22d Mon Sep 17 00:00:00 2001
From: Dmitrii Korolev <dmkorolev@microsoft.com>
Date: Wed, 2 Apr 2025 15:38:35 +0200
Subject: [PATCH 18/32] try with other context dir?

---
 scenarios/tls.benchmarks.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/scenarios/tls.benchmarks.yml b/scenarios/tls.benchmarks.yml
index 0eba1c877..f18ba9832 100644
--- a/scenarios/tls.benchmarks.yml
+++ b/scenarios/tls.benchmarks.yml
@@ -250,6 +250,7 @@ scenarios:
       job: dockerLinuxNginxServer
       buildArguments:
       - CERT_KEY_LENGTH=2048
+      dockerContextDirectory: ../
     load:
       job: httpclient
       variables:

From 37c7b5c07803ab79941b22f4f7201ace06f8c52d Mon Sep 17 00:00:00 2001
From: Dmitrii Korolev <dmkorolev@microsoft.com>
Date: Wed, 2 Apr 2025 15:42:38 +0200
Subject: [PATCH 19/32] fix paths and build context!

---
 scenarios/tls.benchmarks.yml            | 3 +--
 src/BenchmarksApps/TLS/Nginx/Dockerfile | 8 ++++----
 2 files changed, 5 insertions(+), 6 deletions(-)

diff --git a/scenarios/tls.benchmarks.yml b/scenarios/tls.benchmarks.yml
index f18ba9832..19419c34f 100644
--- a/scenarios/tls.benchmarks.yml
+++ b/scenarios/tls.benchmarks.yml
@@ -66,7 +66,7 @@ jobs:
         branchOrCommit: main
     dockerFile: dockerNginx/src/BenchmarksApps/TLS/Nginx/Dockerfile
     dockerImageName: dockerNginx
-    dockerContextDirectory: dockerNginx/src/BenchmarksApps/TLS/Nginx
+    dockerContextDirectory: dockerNginx/src/BenchmarksApps/TLS
     port: 8080
     readyStateText: Application started.
     environmentVariables:
@@ -250,7 +250,6 @@ scenarios:
       job: dockerLinuxNginxServer
       buildArguments:
       - CERT_KEY_LENGTH=2048
-      dockerContextDirectory: ../
     load:
       job: httpclient
       variables:
diff --git a/src/BenchmarksApps/TLS/Nginx/Dockerfile b/src/BenchmarksApps/TLS/Nginx/Dockerfile
index 43bdf871b..00ba95d87 100644
--- a/src/BenchmarksApps/TLS/Nginx/Dockerfile
+++ b/src/BenchmarksApps/TLS/Nginx/Dockerfile
@@ -4,12 +4,12 @@ FROM nginx:latest
 ARG CERT_KEY_LENGTH=2048 
 
 # Copy configuration
-COPY config/nginx.conf /etc/nginx/nginx.conf
-COPY config/start-nginx.sh /start-nginx.sh
+COPY Nginx/config/nginx.conf /etc/nginx/nginx.conf
+COPY Nginx/config/start-nginx.sh /start-nginx.sh
 
 # Copy SSL certificates
-COPY ../Certificates/${CERT_KEY_LENGTH}/cert.pem /etc/nginx/certs/cert.pem
-COPY ../Certificates/${CERT_KEY_LENGTH}/key.pem /etc/nginx/certs/key.pem
+COPY Certificates/${CERT_KEY_LENGTH}/cert.pem /etc/nginx/certs/cert.pem
+COPY Certificates/${CERT_KEY_LENGTH}/key.pem /etc/nginx/certs/key.pem
 
 # Make the script executable
 RUN chmod +x /start-nginx.sh

From 369ee9439b9d2c67316a004992070b6f627e36ba Mon Sep 17 00:00:00 2001
From: Dmitrii Korolev <dmkorolev@microsoft.com>
Date: Wed, 2 Apr 2025 19:46:10 +0200
Subject: [PATCH 20/32] pre-configure properly!

---
 .../TLS/HttpSys/{ => NetSh}/NetShWrapper.cs   | 27 ++++-----
 .../TLS/HttpSys/NetSh/NetshConfigurator.cs    | 58 ++++++++++++++++++
 .../TLS/HttpSys/NetSh/NetshException.cs       | 18 ++++++
 src/BenchmarksApps/TLS/HttpSys/Program.cs     | 60 ++++---------------
 4 files changed, 101 insertions(+), 62 deletions(-)
 rename src/BenchmarksApps/TLS/HttpSys/{ => NetSh}/NetShWrapper.cs (92%)
 create mode 100644 src/BenchmarksApps/TLS/HttpSys/NetSh/NetshConfigurator.cs
 create mode 100644 src/BenchmarksApps/TLS/HttpSys/NetSh/NetshException.cs

diff --git a/src/BenchmarksApps/TLS/HttpSys/NetShWrapper.cs b/src/BenchmarksApps/TLS/HttpSys/NetSh/NetShWrapper.cs
similarity index 92%
rename from src/BenchmarksApps/TLS/HttpSys/NetShWrapper.cs
rename to src/BenchmarksApps/TLS/HttpSys/NetSh/NetShWrapper.cs
index 99b0ddf71..9322988c8 100644
--- a/src/BenchmarksApps/TLS/HttpSys/NetShWrapper.cs
+++ b/src/BenchmarksApps/TLS/HttpSys/NetSh/NetShWrapper.cs
@@ -1,9 +1,8 @@
 using System.Diagnostics;
 using System.Security.Cryptography.X509Certificates;
 using System.Text.RegularExpressions;
-using HttpSys.NetSh;
 
-namespace HttpSys
+namespace HttpSys.NetSh
 {
     public class NetShWrapper
     {
@@ -41,9 +40,9 @@ public void DeleteBindingIfExists(string ipPort)
             {
                 DeleteBinding(ipPort);
             }
-            catch
+            catch (Exception ex)
             {
-                // ignore
+                Console.WriteLine($"Failed to delete binding on port {ipPort}: " + ex);
             }
         }
 
@@ -51,7 +50,7 @@ public void DeleteBinding(string ipPort)
         {
             Console.WriteLine("Disabling mTLS for http.sys");
 
-            string command = $"http delete sslcert ipport={ipPort}";
+            var command = $"http delete sslcert ipport={ipPort}";
             ExecuteNetShCommand(command);
 
             Console.WriteLine("Disabled http.sys settings for mTLS");
@@ -168,23 +167,23 @@ public void SetTestCertBinding(string ipPort, bool enableClientCertNegotiation)
                 store.Close();
             }
 
-            string certThumbprint = certificate.Thumbprint;
+            var certThumbprint = certificate.Thumbprint;
             AddCertBinding(ipPort, certThumbprint, clientCertNegotiation: enableClientCertNegotiation ? NetShFlag.Enable : NetShFlag.Disabled);
 
             Console.WriteLine("Configured binding for testCert for http.sys");
         }
 
-        public bool TrySelfSignCertificate(string ipPort, out string certThumbprint)
+        public bool TrySelfSignCertificate(string ipPort, int certPublicKeyLength, out string certThumbprint)
         {
             certThumbprint = string.Empty;
             try
             {
                 // Extract the IP address from ipPort
-                string ipAddress = ipPort.Split(':')[0];
+                var ipAddress = ipPort.Split(':')[0];
 
                 // Generate a self-signed certificate using PowerShell
-                string command = $"New-SelfSignedCertificate -CertStoreLocation cert:\\LocalMachine\\My -DnsName {ipAddress}";
-                string output = ExecutePowershellCommand(command);
+                var command = $"New-SelfSignedCertificate -CertStoreLocation cert:\\LocalMachine\\My -DnsName {ipAddress} -KeyAlgorithm RSA -KeyLength {certPublicKeyLength}";
+                var output = ExecutePowershellCommand(command);
 
                 // Extract the thumbprint from the output
                 var lines = output.Split("\r\n", StringSplitOptions.RemoveEmptyEntries);
@@ -241,7 +240,7 @@ private void CertBindingCore(
             var clientcertnegotiationFlag = GetFlagValue(clientcertnegotiation);
             var disablesessionidFlag = GetFlagValue(disablesessionid);
             var enablesessionticketFlag = GetFlagValue(enablesessionticket);
-            string command = $"http {httpOperation} sslcert ipport={ipPort} certstorename=MY certhash={certThumbprint} appid={{{appId}}}";
+            var command = $"http {httpOperation} sslcert ipport={ipPort} certstorename=MY certhash={certThumbprint} appid={{{appId}}}";
 
             if (clientcertnegotiationFlag != null)
             {
@@ -280,7 +279,7 @@ private static string ExecuteNetShCommand(string command, bool ignoreErrorExit =
 
         private static string ExecuteCommand(string fileName, string command, bool ignoreErrorExit = false, bool logOutput = false)
         {
-            ProcessStartInfo processInfo = new ProcessStartInfo(fileName, command)
+            var processInfo = new ProcessStartInfo(fileName, command)
             {
                 RedirectStandardOutput = true,
                 RedirectStandardError = true,
@@ -289,8 +288,8 @@ private static string ExecuteCommand(string fileName, string command, bool ignor
             };
 
             Console.WriteLine($"Executing command: `{fileName} {command}`");
-            using Process process = Process.Start(processInfo)!;
-            string output = process.StandardOutput.ReadToEnd();
+            using var process = Process.Start(processInfo)!;
+            var output = process.StandardOutput.ReadToEnd();
             process.WaitForExit();
 
             if (logOutput)
diff --git a/src/BenchmarksApps/TLS/HttpSys/NetSh/NetshConfigurator.cs b/src/BenchmarksApps/TLS/HttpSys/NetSh/NetshConfigurator.cs
new file mode 100644
index 000000000..e82b3ad52
--- /dev/null
+++ b/src/BenchmarksApps/TLS/HttpSys/NetSh/NetshConfigurator.cs
@@ -0,0 +1,58 @@
+namespace HttpSys.NetSh
+{
+    public static class NetshConfigurator
+    {
+        private static readonly NetShWrapper _netshWrapper = new();
+        private static string _certThumbprint;
+
+        public static SslCertBinding PreConfigureNetsh(
+            string httpsIpPort,
+            int certPublicKeyLength = 2048,
+            NetShFlag clientCertNegotiation = NetShFlag.Disabled,
+            NetShFlag disablesessionid = NetShFlag.Enable,
+            NetShFlag enableSessionTicket = NetShFlag.Disabled)
+        {
+            // we will anyway reconfigure the netsh certificate binding, so we can delete it firstly
+            _netshWrapper.DeleteBindingIfExists(httpsIpPort);
+
+            if (_netshWrapper.TryGetSslCertBinding(httpsIpPort, out var sslCertBinding))
+            {
+                throw new NetshException($"Binding already exists ({httpsIpPort}). It was unable to be deleted, and run can not proceed without proper configuration. SslCertBinding: " + sslCertBinding);
+            }
+
+            if (!_netshWrapper.TrySelfSignCertificate(httpsIpPort, certPublicKeyLength, out _certThumbprint))
+            {
+                throw new ApplicationException($"Failed to setup ssl binding for '{httpsIpPort}'. Please unblock the VM.");
+            }
+
+            _netshWrapper.AddCertBinding(
+                httpsIpPort,
+                _certThumbprint,
+                disablesessionid: disablesessionid,
+                enablesessionticket: enableSessionTicket,
+                clientCertNegotiation: clientCertNegotiation);
+
+            if (!_netshWrapper.TryGetSslCertBinding(httpsIpPort, out sslCertBinding))
+            {
+                throw new NetshException($"Failed to setup ssl binding for '{httpsIpPort}'. Please unblock the VM.");
+            }
+
+            return sslCertBinding;
+        }
+
+        public static void LogCurrentSslCertBinding(string httpsIpPort) => _netshWrapper.LogSslCertBinding(httpsIpPort);
+
+        public static void ResetNetshConfiguration(
+            string httpsIpPort,
+            int certPublicKeyLength = 4096)
+        {
+            _netshWrapper.DeleteBindingIfExists(httpsIpPort);
+            _netshWrapper.AddCertBinding(
+                httpsIpPort,
+                _certThumbprint,
+                disablesessionid: NetShFlag.NotSet,
+                enablesessionticket: NetShFlag.NotSet,
+                clientCertNegotiation: NetShFlag.NotSet);
+        }
+    }
+}
diff --git a/src/BenchmarksApps/TLS/HttpSys/NetSh/NetshException.cs b/src/BenchmarksApps/TLS/HttpSys/NetSh/NetshException.cs
new file mode 100644
index 000000000..f17e1d2d0
--- /dev/null
+++ b/src/BenchmarksApps/TLS/HttpSys/NetSh/NetshException.cs
@@ -0,0 +1,18 @@
+namespace HttpSys.NetSh
+{
+    public class NetshException : Exception
+    {
+        public NetshException(string message) : base(message)
+        {
+        }
+        public NetshException(string message, Exception innerException) : base(message, innerException)
+        {
+        }
+        public NetshException(string message, string command) : base($"{message} Command: {command}")
+        {
+        }
+        public NetshException(string message, string command, Exception innerException) : base($"{message} Command: {command}", innerException)
+        {
+        }
+    }
+}
diff --git a/src/BenchmarksApps/TLS/HttpSys/Program.cs b/src/BenchmarksApps/TLS/HttpSys/Program.cs
index febb261f2..cbc416f59 100644
--- a/src/BenchmarksApps/TLS/HttpSys/Program.cs
+++ b/src/BenchmarksApps/TLS/HttpSys/Program.cs
@@ -10,6 +10,8 @@
 // behavioral
 var mTlsEnabled = bool.TryParse(builder.Configuration["mTLS"], out var mTlsEnabledConfig) && mTlsEnabledConfig;
 var tlsRenegotiationEnabled = bool.TryParse(builder.Configuration["tlsRenegotiation"], out var tlsRenegotiationEnabledConfig) && tlsRenegotiationEnabledConfig;
+var certPublicKeySpecified = int.TryParse(builder.Configuration["certPublicKeyLength"], out var certPublicKeyConfig);
+var certPublicKeyLength = certPublicKeySpecified ? certPublicKeyConfig : 2048;
 var listeningEndpoints = builder.Configuration["urls"] ?? "https://localhost:5000/";
 var httpsIpPort = listeningEndpoints.Split(";").First(x => x.Contains("https")).Replace("https://", "");
 
@@ -18,45 +20,12 @@
 var statsEnabled = bool.TryParse(builder.Configuration["statsEnabled"], out var connectionStatsEnabledConfig) && connectionStatsEnabledConfig;
 var logRequestDetails = bool.TryParse(builder.Configuration["logRequestDetails"], out var logRequestDetailsConfig) && logRequestDetailsConfig;
 
-var mTLSNetShFlag = mTlsEnabled ? NetShFlag.Enable : NetShFlag.Disabled;
-
-var netshWrapper = new NetShWrapper();
-
-// verify there is an netsh http sslcert binding for specified ip:port
-if (!netshWrapper.TryGetSslCertBinding(httpsIpPort, out var sslCertBinding))
-{
-    Console.WriteLine($"No binding existed. Need to self-sign it and bind to '{httpsIpPort}'");
-    if (!netshWrapper.TrySelfSignCertificate(httpsIpPort, out var originalCertThumbprint))
-    {
-        throw new ApplicationException($"Failed to setup ssl binding for '{httpsIpPort}'. Please unblock the VM.");
-    }
-    netshWrapper.AddCertBinding(
-        httpsIpPort,
-        originalCertThumbprint,
-        disablesessionid: NetShFlag.Enable,
-        enablesessionticket: NetShFlag.Disabled,
-        clientCertNegotiation: mTLSNetShFlag);
-}
-
-Console.WriteLine("Current netsh ssl certificate binding: \n" + sslCertBinding);
-
-if (
-    // those flags can be set only on later versions of HTTP.SYS; so only considering mTLS here
-    (netshWrapper.SupportsDisableSessionId && sslCertBinding.DisableSessionIdTlsResumption != NetShFlag.Enable)
-    || (netshWrapper.SupportsEnableSessionTicket && (sslCertBinding.EnableSessionTicketTlsResumption == NetShFlag.Enable))
-    || sslCertBinding.NegotiateClientCertificate != mTLSNetShFlag)
-{
-    Console.WriteLine($"Need to prepare ssl-cert binding for the run.");
-    Console.WriteLine($"Expected configuration: mTLS={mTLSNetShFlag}; disableSessionId={NetShFlag.Enable}; enableSessionTicket={NetShFlag.Disabled}");
-
-    netshWrapper.UpdateCertBinding(
-        httpsIpPort,
-        sslCertBinding.CertificateThumbprint,
-        appId: sslCertBinding.ApplicationId,
-        disablesessionid: NetShFlag.Enable,
-        enablesessionticket: NetShFlag.Disabled,
-        clientCertNegotiation: mTLSNetShFlag);
-}
+var sslCertConfiguration = NetshConfigurator.PreConfigureNetsh(
+    httpsIpPort,
+    certPublicKeyLength: certPublicKeyLength,
+    clientCertNegotiation: mTlsEnabled ? NetShFlag.Enable : NetShFlag.Disabled,
+    disablesessionid: NetShFlag.Enable,
+    enableSessionTicket: NetShFlag.Disabled);
 
 #pragma warning disable CA1416 // Can be launched only on Windows (HttpSys)
 builder.WebHost.UseHttpSys(options =>
@@ -143,7 +112,7 @@
 
 await app.StartAsync();
 
-netshWrapper.LogSslCertBinding(httpsIpPort);
+NetshConfigurator.LogCurrentSslCertBinding(httpsIpPort);
 
 Console.WriteLine("Application Info:");
 if (mTlsEnabled)
@@ -165,11 +134,6 @@
 await app.WaitForShutdownAsync();
 Console.WriteLine("Application stopped.");
 
-if (netshWrapper.TryGetSslCertBinding(httpsIpPort, out sslCertBinding) && mTLSNetShFlag == NetShFlag.Enable)
-{
-    // update the sslCert binding to disable "negotiate client cert" (aka mTLS) to not break other tests.
-    Console.WriteLine($"Rolling back mTLS setting for sslCert binding at '{httpsIpPort}'");
-
-    sslCertBinding.NegotiateClientCertificate = NetShFlag.Disabled;
-    netshWrapper.UpdateCertBinding(httpsIpPort, sslCertBinding);
-}
\ No newline at end of file
+Console.WriteLine("Starting netsh rollback configuration...");
+NetshConfigurator.ResetNetshConfiguration(httpsIpPort, certPublicKeyLength: 4096); // a default value
+Console.WriteLine($"Reset netsh (ipport={httpsIpPort}) completed.");
\ No newline at end of file

From b81e10b4bfe6223d3f70c91bed227708bf684a0f Mon Sep 17 00:00:00 2001
From: Dmitrii Korolev <dmkorolev@microsoft.com>
Date: Wed, 2 Apr 2025 20:17:37 +0200
Subject: [PATCH 21/32] also delete a cert from the store

---
 .../TLS/HttpSys/NetSh/NetShWrapper.cs         |  4 ---
 .../TLS/HttpSys/NetSh/NetshConfigurator.cs    | 13 +++++--
 .../NetSh/SslCertificatesConfigurator.cs      | 35 +++++++++++++++++++
 3 files changed, 45 insertions(+), 7 deletions(-)
 create mode 100644 src/BenchmarksApps/TLS/HttpSys/NetSh/SslCertificatesConfigurator.cs

diff --git a/src/BenchmarksApps/TLS/HttpSys/NetSh/NetShWrapper.cs b/src/BenchmarksApps/TLS/HttpSys/NetSh/NetShWrapper.cs
index 9322988c8..fc1d457ea 100644
--- a/src/BenchmarksApps/TLS/HttpSys/NetSh/NetShWrapper.cs
+++ b/src/BenchmarksApps/TLS/HttpSys/NetSh/NetShWrapper.cs
@@ -48,12 +48,8 @@ public void DeleteBindingIfExists(string ipPort)
 
         public void DeleteBinding(string ipPort)
         {
-            Console.WriteLine("Disabling mTLS for http.sys");
-
             var command = $"http delete sslcert ipport={ipPort}";
             ExecuteNetShCommand(command);
-
-            Console.WriteLine("Disabled http.sys settings for mTLS");
         }
 
         public bool TryGetSslCertBinding(string ipPort, out SslCertBinding result)
diff --git a/src/BenchmarksApps/TLS/HttpSys/NetSh/NetshConfigurator.cs b/src/BenchmarksApps/TLS/HttpSys/NetSh/NetshConfigurator.cs
index e82b3ad52..651a4f49f 100644
--- a/src/BenchmarksApps/TLS/HttpSys/NetSh/NetshConfigurator.cs
+++ b/src/BenchmarksApps/TLS/HttpSys/NetSh/NetshConfigurator.cs
@@ -13,11 +13,12 @@ public static SslCertBinding PreConfigureNetsh(
             NetShFlag enableSessionTicket = NetShFlag.Disabled)
         {
             // we will anyway reconfigure the netsh certificate binding, so we can delete it firstly
-            _netshWrapper.DeleteBindingIfExists(httpsIpPort);
-
+            // and also delete a certificate which is bound to the netsh
             if (_netshWrapper.TryGetSslCertBinding(httpsIpPort, out var sslCertBinding))
             {
-                throw new NetshException($"Binding already exists ({httpsIpPort}). It was unable to be deleted, and run can not proceed without proper configuration. SslCertBinding: " + sslCertBinding);
+                Console.WriteLine($"Deleting certificate (thumbprint='{sslCertBinding.CertificateThumbprint}') from the localmachine(my) store");
+                SslCertificatesConfigurator.RemoveCertificate(sslCertBinding.CertificateThumbprint);
+                _netshWrapper.DeleteBindingIfExists(httpsIpPort);
             }
 
             if (!_netshWrapper.TrySelfSignCertificate(httpsIpPort, certPublicKeyLength, out _certThumbprint))
@@ -47,6 +48,12 @@ public static void ResetNetshConfiguration(
             int certPublicKeyLength = 4096)
         {
             _netshWrapper.DeleteBindingIfExists(httpsIpPort);
+            if (!string.IsNullOrEmpty(_certThumbprint))
+            {
+                Console.WriteLine($"Deleting certificate (thumbprint='{_certThumbprint}') from the localmachine(my) store");
+                SslCertificatesConfigurator.RemoveCertificate(_certThumbprint);
+            }
+
             _netshWrapper.AddCertBinding(
                 httpsIpPort,
                 _certThumbprint,
diff --git a/src/BenchmarksApps/TLS/HttpSys/NetSh/SslCertificatesConfigurator.cs b/src/BenchmarksApps/TLS/HttpSys/NetSh/SslCertificatesConfigurator.cs
new file mode 100644
index 000000000..f87dded28
--- /dev/null
+++ b/src/BenchmarksApps/TLS/HttpSys/NetSh/SslCertificatesConfigurator.cs
@@ -0,0 +1,35 @@
+using System.Security.Cryptography.X509Certificates;
+
+namespace HttpSys.NetSh
+{
+    public static class SslCertificatesConfigurator
+    {
+        public static void RemoveCertificate(string thumbprint)
+        {
+            try
+            {
+                using (var store = new X509Store(StoreName.My, StoreLocation.LocalMachine))
+                {
+                    store.Open(OpenFlags.ReadWrite);
+
+                    var certs = store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, validOnly: false);
+                    if (certs.Count == 0)
+                    {
+                        Console.WriteLine("Certificate not found.");
+                    }
+
+                    foreach (var cert in certs)
+                    {
+                        store.Remove(cert);
+                        Console.WriteLine($"Deleted certificate (store LocalMachine/My): {cert.Subject}");
+                    }
+                    store.Close();
+                }
+            }
+            catch (Exception ex)
+            {
+                Console.WriteLine($"Remove certificate (thumbprint='{thumbprint}') error: {ex.Message}");
+            }
+        }
+    }
+}

From fd052b8fcafdba564ce0f27416e4b9a6c5017df1 Mon Sep 17 00:00:00 2001
From: Dmitrii Korolev <dmkorolev@microsoft.com>
Date: Wed, 2 Apr 2025 21:12:44 +0200
Subject: [PATCH 22/32] properly reuse cert

---
 .../TLS/HttpSys/NetSh/NetshConfigurator.cs         | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/src/BenchmarksApps/TLS/HttpSys/NetSh/NetshConfigurator.cs b/src/BenchmarksApps/TLS/HttpSys/NetSh/NetshConfigurator.cs
index 651a4f49f..363bfba78 100644
--- a/src/BenchmarksApps/TLS/HttpSys/NetSh/NetshConfigurator.cs
+++ b/src/BenchmarksApps/TLS/HttpSys/NetSh/NetshConfigurator.cs
@@ -16,14 +16,14 @@ public static SslCertBinding PreConfigureNetsh(
             // and also delete a certificate which is bound to the netsh
             if (_netshWrapper.TryGetSslCertBinding(httpsIpPort, out var sslCertBinding))
             {
-                Console.WriteLine($"Deleting certificate (thumbprint='{sslCertBinding.CertificateThumbprint}') from the localmachine(my) store");
-                SslCertificatesConfigurator.RemoveCertificate(sslCertBinding.CertificateThumbprint);
+                _certThumbprint = sslCertBinding.CertificateThumbprint;
                 _netshWrapper.DeleteBindingIfExists(httpsIpPort);
             }
 
-            if (!_netshWrapper.TrySelfSignCertificate(httpsIpPort, certPublicKeyLength, out _certThumbprint))
+            if (string.IsNullOrEmpty(_certThumbprint) // only need to self-sign if we dont have a cert in a store, otherwise just reuse it
+                && !_netshWrapper.TrySelfSignCertificate(httpsIpPort, certPublicKeyLength, out _certThumbprint))
             {
-                throw new ApplicationException($"Failed to setup ssl binding for '{httpsIpPort}'. Please unblock the VM.");
+                throw new ApplicationException($"Failed to setup ssl binding for '{httpsIpPort}'.");
             }
 
             _netshWrapper.AddCertBinding(
@@ -48,10 +48,10 @@ public static void ResetNetshConfiguration(
             int certPublicKeyLength = 4096)
         {
             _netshWrapper.DeleteBindingIfExists(httpsIpPort);
-            if (!string.IsNullOrEmpty(_certThumbprint))
+            if (string.IsNullOrEmpty(_certThumbprint) // again - if cert already exists, we can just reuse it
+                && !_netshWrapper.TrySelfSignCertificate(httpsIpPort, certPublicKeyLength, out _certThumbprint))
             {
-                Console.WriteLine($"Deleting certificate (thumbprint='{_certThumbprint}') from the localmachine(my) store");
-                SslCertificatesConfigurator.RemoveCertificate(_certThumbprint);
+                throw new ApplicationException($"Failed to self-sign a cert for '{httpsIpPort}'.");
             }
 
             _netshWrapper.AddCertBinding(

From e9b649b56125a40bf1c83f0a8c707e2f72f6f092 Mon Sep 17 00:00:00 2001
From: Dmitrii Korolev <dmkorolev@microsoft.com>
Date: Wed, 2 Apr 2025 21:21:58 +0200
Subject: [PATCH 23/32] configure param

---
 scenarios/tls.benchmarks.yml | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/scenarios/tls.benchmarks.yml b/scenarios/tls.benchmarks.yml
index 19419c34f..b9a11e322 100644
--- a/scenarios/tls.benchmarks.yml
+++ b/scenarios/tls.benchmarks.yml
@@ -23,7 +23,8 @@ jobs:
       certValidationConsoleEnabled: false
       statsEnabled: false
       logRequestDetails: false
-    arguments: "--urls https://{{serverAddress}}:{{serverPort}} --mTLS {{mTLS}} --certValidationConsoleEnabled {{certValidationConsoleEnabled}} --statsEnabled {{statsEnabled}} --tlsRenegotiation {{tlsRenegotiation}} --logRequestDetails {{logRequestDetails}}"
+      certPublicKeyLength: 2048
+    arguments: "--urls https://{{serverAddress}}:{{serverPort}} --mTLS {{mTLS}} --certValidationConsoleEnabled {{certValidationConsoleEnabled}} --statsEnabled {{statsEnabled}} --tlsRenegotiation {{tlsRenegotiation}} --logRequestDetails {{logRequestDetails}} --certPublicKeyLength {{certPublicKeyLength}}"
 
   kestrelServer:
     source:
@@ -79,6 +80,8 @@ scenarios:
   tls-handshakes-httpsys:
     application:
       job: httpSysServer
+      variables:
+        certPublicKeyLength: 2048
     load:
       job: httpclient
       variables:
@@ -92,14 +95,12 @@ scenarios:
     application:
       job: httpSysServer
       variables:
+        certPublicKeyLength: 2048
         mTLS: true # enables settings on http.sys to negotiate client cert on connections
         tlsRenegotiation: true # enables client cert validation
-        certValidationConsoleEnabled: false # only for debug purposes
-        serverPort: 8080 # IMPORTANT: not to intersect with other tests in case http.sys configuration impacts other benchmarks
     load:
       job: httpclient
       variables:
-        serverPort: 8080 # in sync with server
         path: /hello-world
         presetHeaders: connectionclose
         connections: 32
@@ -112,9 +113,8 @@ scenarios:
     application:
       job: httpSysServer
       variables:
-        mTLS: false
+        certPublicKeyLength: 2048
         tlsRenegotiation: true
-        certValidationConsoleEnabled: false # only for debug purposes
     load:
       job: httpclient
       variables:

From daff6fb688ea152a23cca0a06d1c4f630ae7e516 Mon Sep 17 00:00:00 2001
From: Dmitrii Korolev <dmkorolev@microsoft.com>
Date: Wed, 2 Apr 2025 21:30:11 +0200
Subject: [PATCH 24/32] nah delete cert is a good step

---
 .../TLS/HttpSys/NetSh/NetshConfigurator.cs         | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/src/BenchmarksApps/TLS/HttpSys/NetSh/NetshConfigurator.cs b/src/BenchmarksApps/TLS/HttpSys/NetSh/NetshConfigurator.cs
index 363bfba78..797ed791d 100644
--- a/src/BenchmarksApps/TLS/HttpSys/NetSh/NetshConfigurator.cs
+++ b/src/BenchmarksApps/TLS/HttpSys/NetSh/NetshConfigurator.cs
@@ -16,12 +16,11 @@ public static SslCertBinding PreConfigureNetsh(
             // and also delete a certificate which is bound to the netsh
             if (_netshWrapper.TryGetSslCertBinding(httpsIpPort, out var sslCertBinding))
             {
-                _certThumbprint = sslCertBinding.CertificateThumbprint;
+                SslCertificatesConfigurator.RemoveCertificate(sslCertBinding.CertificateThumbprint);
                 _netshWrapper.DeleteBindingIfExists(httpsIpPort);
             }
 
-            if (string.IsNullOrEmpty(_certThumbprint) // only need to self-sign if we dont have a cert in a store, otherwise just reuse it
-                && !_netshWrapper.TrySelfSignCertificate(httpsIpPort, certPublicKeyLength, out _certThumbprint))
+            if (!_netshWrapper.TrySelfSignCertificate(httpsIpPort, certPublicKeyLength, out _certThumbprint))
             {
                 throw new ApplicationException($"Failed to setup ssl binding for '{httpsIpPort}'.");
             }
@@ -41,15 +40,18 @@ public static SslCertBinding PreConfigureNetsh(
             return sslCertBinding;
         }
 
-        public static void LogCurrentSslCertBinding(string httpsIpPort) => _netshWrapper.LogSslCertBinding(httpsIpPort);
+        public static void LogCurrentSslCertBinding(string httpsIpPort)
+            => _netshWrapper.LogSslCertBinding(httpsIpPort);
 
         public static void ResetNetshConfiguration(
             string httpsIpPort,
             int certPublicKeyLength = 4096)
         {
+            // delete cert binding and cert itself. We want it to be as clean and deterministic as possible (even if more actions are performed)
             _netshWrapper.DeleteBindingIfExists(httpsIpPort);
-            if (string.IsNullOrEmpty(_certThumbprint) // again - if cert already exists, we can just reuse it
-                && !_netshWrapper.TrySelfSignCertificate(httpsIpPort, certPublicKeyLength, out _certThumbprint))
+            SslCertificatesConfigurator.RemoveCertificate(_certThumbprint);
+
+            if (!_netshWrapper.TrySelfSignCertificate(httpsIpPort, certPublicKeyLength, out _certThumbprint))
             {
                 throw new ApplicationException($"Failed to self-sign a cert for '{httpsIpPort}'.");
             }

From 88864bb00c24b7787e28d3ca82cf1f09785d22a2 Mon Sep 17 00:00:00 2001
From: Dmitrii Korolev <dmkorolev@microsoft.com>
Date: Thu, 3 Apr 2025 11:45:42 +0200
Subject: [PATCH 25/32] go go cert length!!!

---
 scenarios/tls.benchmarks.yml                  |   6 ++++--
 src/BenchmarksApps/TLS/HttpSys/Program.cs     |   2 ++
 src/BenchmarksApps/TLS/HttpSys/testCert.pfx   | Bin 3699 -> 0 bytes
 src/BenchmarksApps/TLS/Kestrel/Kestrel.csproj |  13 +++++++++++++
 src/BenchmarksApps/TLS/Kestrel/Program.cs     |   8 +++++++-
 src/BenchmarksApps/TLS/Kestrel/testCert.pfx   | Bin 4045 -> 0 bytes
 6 files changed, 26 insertions(+), 3 deletions(-)
 delete mode 100644 src/BenchmarksApps/TLS/HttpSys/testCert.pfx
 delete mode 100644 src/BenchmarksApps/TLS/Kestrel/testCert.pfx

diff --git a/scenarios/tls.benchmarks.yml b/scenarios/tls.benchmarks.yml
index b9a11e322..58dd1e510 100644
--- a/scenarios/tls.benchmarks.yml
+++ b/scenarios/tls.benchmarks.yml
@@ -131,6 +131,8 @@ scenarios:
   tls-handshakes-kestrel:
     application:
       job: kestrelServer
+      variables:
+        certPublicKeyLength: 2048
     load:
       job: httpclient
       variables:
@@ -144,8 +146,8 @@ scenarios:
     application:
       job: kestrelServer
       variables:
+        certPublicKeyLength: 2048
         mTLS: true
-        certValidationConsoleEnabled: false # only for debug purposes
     load:
       job: httpclient
       variables:
@@ -161,9 +163,9 @@ scenarios:
     application:
       job: kestrelServer
       variables:
+        certPublicKeyLength: 2048
         mTLS: false
         tlsRenegotiation: true
-        certValidationConsoleEnabled: false # only for debug purposes
     load:
       job: httpclient
       variables:
diff --git a/src/BenchmarksApps/TLS/HttpSys/Program.cs b/src/BenchmarksApps/TLS/HttpSys/Program.cs
index cbc416f59..580bd6a19 100644
--- a/src/BenchmarksApps/TLS/HttpSys/Program.cs
+++ b/src/BenchmarksApps/TLS/HttpSys/Program.cs
@@ -12,6 +12,8 @@
 var tlsRenegotiationEnabled = bool.TryParse(builder.Configuration["tlsRenegotiation"], out var tlsRenegotiationEnabledConfig) && tlsRenegotiationEnabledConfig;
 var certPublicKeySpecified = int.TryParse(builder.Configuration["certPublicKeyLength"], out var certPublicKeyConfig);
 var certPublicKeyLength = certPublicKeySpecified ? certPublicKeyConfig : 2048;
+
+// endpoints
 var listeningEndpoints = builder.Configuration["urls"] ?? "https://localhost:5000/";
 var httpsIpPort = listeningEndpoints.Split(";").First(x => x.Contains("https")).Replace("https://", "");
 
diff --git a/src/BenchmarksApps/TLS/HttpSys/testCert.pfx b/src/BenchmarksApps/TLS/HttpSys/testCert.pfx
deleted file mode 100644
index a0da01e6baae2b2a34dd2948e5a303feb53a90ee..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 3699
zcmai%Ra6uV*M*s3NQVJLLb_9MhVGUwY3T+DDZv>eWT>G_X#r`FMmmI{M4AEVl4cM=
zkdpZP*8i{fz5FiDI&1HJaqjkd4ipLT1OjlONC*c$5pSeg<T(j|0FaM_P=Sz;`+sc+
z6iFEHZ-k$ZBy{_0IRgPWf0xa_2>@#SkH8~=>O*1wN-&fiM3%O4#V*EDp5y1@KacD<
zkN^S+aiCy)!vDJpB*MdiGT;;0M5+NCaX|oH5Lt8YEo!L=<M_(|f}1wU{^kvm;3!+o
zDXEjbv7Y*2=Z^D%7G&I=>C_oh1}0gX{kb>EXM5g%kJ7*cH8(-jIQsravs2&??>v{_
zENOFL-PdCSwL6$xKV>$gMpB`&i_tGxBQ%TK<%YN!HA)8^JF4zb<I}K4t6Nyi2t@CY
z8f}hKn*ZJiY381LS=syHQ#Q=cQPngu|3V{*>sFq>blIy!DNZ0MzpMT+c)t=EZ$u*`
z%FTCP^;k~T!K3AoI%h*zu)&~D9CdQhxq5mP$=#RR5)tVPbDO=2mAuHWPg@D<wfHP&
zwHYJ6?g2q*OeU`d+%1eqGYeB=#Fq@w*Y)wga~=b2PnHO2UJ3tzO^)+Hgt{S;<C+rR
z8ZKLYnhr=-_c4v|j}6^r;&urW-{{`}Wp}f1dR{<RC^}j9L!xJ&{!X2ze|}jI;PQrc
zm;AA7UR@i@D=kYZ+UuYbLd9uW7l)y!<tHYLb0vzp1;oTLIU~^{Pe5J@U30MwGB$Ue
ziI@}8_E70#c%LjS-hog|Li#TPg?^~XGQl8ID=%R}uK9OpDyxW+jGK9R-aXEpmqhS(
z_6b9oMWrOM&(;GyV6d%YQwYD&i$SRi{zKC^<_%}XjachV<nh;B-4FH}esJewIwvbB
zYU**l`sY~0gAl96En=Q0w;R<yQ67N7u4iAw9!Fxx-8p^oveWOOH>j5jXX&m4omYfi
zaB3i&K+gO!;i>Ub7ceBKo|cfo>f$$PGOg5L^1E*piZDE0;eui~t(~N#3B+mcc%#Rq
z{;h87G1moNra61#srzW_;aa%!r>Tu%#M5M(2Q!J$ebJ8IyRfKQ_uDA-hy~rLq7ca|
zl!UWZH5i`Rg_g~l^iqBGxxWeFeaU>d#YKRX50Ra?IASbK`e^LR$D3&8Bh$vr&w|;#
zi_hGm%;=c#OGY{47}M*67<!FCaUZW^jl3lQxUkc8SHCmuiSB6k%WVAolNEw#A(pEP
zQuP>baUC+Wby(vydX*Ee2FE>ho;mp08*2NbeR7B2Mvc}#I+>XUUOIiSXy(sOov6(@
z7=@QZKPRpr)h@$<Dr0En$v4QA?8$;Up7qwBruc)&0-1DT^9`}4cY4%b!#UrwMI)$g
zH!F+H>MtBrZ)*LhnR-Cq{ab3(hDIM<%Z#K5zP-49>vFuHDX&{AbjPvwx?GolUVxGH
zFg_^m2tH0OejZmrCb_WWFrLb5EUx|$Tu<qZk*OLI^}~)Dhp#$BF`vgMj?&NeUU0N`
zn3koaR8;COU~c5n4z!cgA4!%wvPXxj>^!^rWz>*5t=6*W=X^gY^y2!GY*+Dh3+oC$
zI+t=xko3UKa9?zzg{e5XUK#uBbbYvVD;L#A2r6Wi7#nA~Hvn3Ov(v}ICQ$ZGA9(4~
zq7x8KcepwlR+pk_{fPT+Ytnuysx3c|f0+6*S7^whrOd9g`Iu2WQgfJZGWm~jXPssI
zSyLh?(3JS9ex}E(Z(iUD%N_UNNvJ}*xK&U961XGd@ak6NXRd^CW_{@k-O5KgmKi_-
zp)=k;pAE4$!FA2!yVFf{V9Bu&K^%slXUqVpmBL9roG5@6FzsDwj%BhU8XjdFck+kz
z&-xFpYTqnxKFwr)wG4g_IvZEcl}FsCq@d-HFF#4z!*9c-^{zuS$E5^#I_&#4J>iE^
zN*Rr>wYhXKlp564_sc>XoAAFAs|mhaK3mkMuPrAaXlKOTX}sQ05Fp8U=dt}8rETgL
zwjVpJQ`z`4VYNW%;><Cwhgz@MR%gCn;YJ^8?ns}cNWG|$n!Q2{*%=-^%-0Xdwti10
z-v$2l`{COp{vTM{SMsY+)snIDu%I%7*DhwwH!R;j3RlLu6&8#?rYCVvH}1ykG+88-
zXZY5)x4=7Tsd_52?F^IHf_u`Fg_!S0bm_y{sEaB&Vl9hhd~~vsvGjoqloViAh&ef4
zOBx(Rv|_WZtQS<0Mnq{eKo3!~J4TCuv-LjQV1b4n<ziE_wpNEV#%TyYuIYze3bckM
zIVLT^vG3;4V>g@Kw8gq2nD7|0qDCC_)%DJuL|;cwooxA*$fSQC6C8?A3n=>%7Q8xL
zEt05K;vP?_;=?d?w#ERiDDvR?f*v2m&73VXJdrwOTlDIW5@q=92sfIvA;)Tov589Z
zu=70>z3=Y~0k);YR3^Sg#PWV!Z&Gf$E!IS#6~e<Zj`-u5R042|>fcUXgq%&Z(A`U@
zuv?^YIqr_%PO*^WEZ=R|oT+?f2Q|O8xTGWOq^OKai%k`Wo)HVWY{V%twPQUgB2y%%
z<`36)^Np;uq)nwy4Fb(OhQ!<QBty|e`!96SN~WxU6mM(ukO$q_BV$G>_L~yHyuW4*
zfQv<d{D)7<-wy#J*;&7fEQem@QaW44KQqRAKK9cqdR5rc<}9MFdu~*W{r&J034^7l
z?8l^=H947DyWf1zk1M%f3^A2ev??u0`PHq5cmvcU*k>qy{fZ{Bq4d4W{@x`HzE}h$
zWn9LM+(-1A?OS`kp=*7g?*ENV%DN#f$M|I5Jo%ApxVK4Yg7p&g(03(|YlzoJ^Uc$D
zs^^I@q@_Bf+^7wSUs{8?Rby7J>TR1_KM#tjmx4e!GORGLql3F86{mnoi_;bbx#l{o
z@2$PygElkEmTVmT2Qhr55uST<Lzx@dG<~*qi5dw0mJ`Z(s_-Iq^48F1ba?lOuJ;$J
zSxh1ni5K?|NBkE|@Pa@{Jj7qy@9%iy-}`@N0TTm&e?y7CrpW&Sk%S_f-~%DH>5+m>
z3z<uV<^Kc`qXY;93x&wl@<ms?sh~OmAwd(BL>X{RB=pE#Aoy6P1LA3;9uOjsKvn-?
zfs&^2(l7t~Z8(L7JQi}>?*<377<{y9ay|cK=e@FQrO(FWJgXA%<aTtp7~`uge_>Zf
zOS0~s$SPqVMgsUmP7zOl=}c;X)+ulKkBpH!ESG<d@2%<_@e*<q-94)@V?n88r@Q89
zRx*1n?l^3RYxEy8@fWJC%h#pne=v2AV-{{V`I3={jj<%OIW6B7$Eu`<zKk3+2jf&I
z)&_HGxrByQWj^O;Dd8fQiuglGX?l<I9g~QM=dYbuM-w4E>RpqUb^TO^^mm%I+dgsl
z-zp>PdkH)|;=^EZMXq<qfsQ*+enXqr5vF!JPKR5lDh*|v^WD_Eqc-fJX(cg_A(u5w
z4#s0*uTWZW3rKPvPVbcfwJR%Nt=?=cKbJwshNMr=tC(a`!ft$wK(H`>&Q6`wMZyPF
z7*S){Kj1p$xrSmh4Yu@<W2)ccrS>kV3^Ok$54{wN{U<~47K^C!U$w7al<YD%Xa$)O
z6?`{H$m{UyKL30|F4toJAwe$K4ny~DQM0(nZA}eDx^SQRDVzs?>1jY|f8fzmMn#Q=
z!oby;l7V&HoI(DLLtYVMd_|lgsnALFtdj8#?P}&OC4<$8>Is76Tb_f~$NJs9uLc4m
z!X58J{KZn;uG{E7)r1pYUnK*jakq5{kM*9*1t56XvjT#6aOy1j$Inkx9H*OcGucc$
z3=0>{>RkTl8+LyED8<K<$nnWB#?e5y0i`Z;G`Bb3(?QKcqatQukg951&^Q$M9RgQr
zo0(f3sNv-q$CSl4Pw|NG5ZUo4>|M#(JbI!%DqCptLe-JMYSgueFwe4Jakq9oobE(A
zY^3JpuY_uSaRvEm%&PW2)t@b&%n`wM%K5>;WUX5bUwzieXRLzTV;tl$P~Y<GOE}3|
z$jV0wE#7FBr0p@5mmX>^3o6`ADPRwNf$J3zLEmYno)n;jpX>1z88Ebq5k}v>?+RmP
zP;JbhLA2XeB(uFew7+Z(eSfN2<SD<<Dtge~GZ`AZcj>|9UD{iKqgLN*tzwr<c*(5M
zF+WD;pg~H*PB~#*fI>+2s4ek5nDLz_av?SqHjllxG)mN^6`mEf3jd@wnTL&ZEHj=w
zeeSRKVz1gSg3Aq)s5abw#R2q^=B*g5#kpj=BlbV6L^v5#A-&0ZwCoU-6cjZLSN!de
zr^dt;wnyn2HfC*4G;RXBM)Q5qeC@GIQ*0W>dvjY(n^~A3Zi>R7q=NO=oF!!vN**y6
zAmw5;1xwhg{MQm1XH`4Ko)t2DfjtfsZnBNJ+WWBC=Z&L;q^%G>+Uc5;5L^4rJwZJz
z%7azUlknr#8O@i7<(ZibaSmC-e4itmAq~jfZIgUFuV8w;g$cm^n9!Gv>Amuwa*}GW
zNLcr(l4RYWg>E*npC2CM)FY0gu?&Z-v1*y&v6vwG(+4u-7qh7TjzAM^eBMI|6OS5V
zCOX{Y8q=9&54r`c)~=Nt!F?K$rpC?>q|b~v8ukaZxF{edq;~{g$h7uF+iVv6v(2WP
zBFAO2ZWfZ=glI<Y0y8)%S}iJ*-t{KoaELZn!HS=k;i7yGof3S$=>)qU61=htP_-Xi
zb6%`b3=fre@~W4BaX{JrDOw^*7!~LNR+Tjik<2X^IU_aY!uWG1*HWSjssM#SN&b1$
zfB-xk5c3QEJQfkhfSDcHrbfhaxxPyk2+u`jyb;PTkej3mBLopjg>dipXBx!)w`%_b
D4eZW{

diff --git a/src/BenchmarksApps/TLS/Kestrel/Kestrel.csproj b/src/BenchmarksApps/TLS/Kestrel/Kestrel.csproj
index 418d7adf5..2ce873ca0 100644
--- a/src/BenchmarksApps/TLS/Kestrel/Kestrel.csproj
+++ b/src/BenchmarksApps/TLS/Kestrel/Kestrel.csproj
@@ -20,4 +20,17 @@
     </None>
   </ItemGroup>
 
+  <ItemGroup>
+    <Folder Include="certificates\" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <None Include="..\Certificates\2048\testCert-2048.pfx" Link="certificates\testCert-2048.pfx">
+      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+    </None>
+    <None Include="..\Certificates\4096\testCert-4096.pfx" Link="certificates\testCert-4096.pfx">
+      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+    </None>
+  </ItemGroup>
+
 </Project>
diff --git a/src/BenchmarksApps/TLS/Kestrel/Program.cs b/src/BenchmarksApps/TLS/Kestrel/Program.cs
index bd5a29645..35925c6e9 100644
--- a/src/BenchmarksApps/TLS/Kestrel/Program.cs
+++ b/src/BenchmarksApps/TLS/Kestrel/Program.cs
@@ -19,6 +19,10 @@
 // behavioral
 var mTlsEnabled = bool.TryParse(builder.Configuration["mTLS"], out var mTlsEnabledConfig) && mTlsEnabledConfig;
 var tlsRenegotiationEnabled = bool.TryParse(builder.Configuration["tlsRenegotiation"], out var tlsRenegotiationEnabledConfig) && tlsRenegotiationEnabledConfig;
+var certPublicKeySpecified = int.TryParse(builder.Configuration["certPublicKeyLength"], out var certPublicKeyConfig);
+var certPublicKeyLength = certPublicKeySpecified ? certPublicKeyConfig : 2048;
+
+// endpoints
 var listeningEndpoints = builder.Configuration["urls"] ?? "https://localhost:5000/";
 var supportedTlsVersions = ParseSslProtocols(builder.Configuration["tlsProtocols"]);
 
@@ -49,8 +53,10 @@ void ConfigureListen(KestrelServerOptions serverOptions, IConfigurationRoot conf
 
         serverOptions.Listen(endpoint, listenOptions =>
         {
+            var certificatePath = Path.Combine("certificates", $"testCert-{certPublicKeyLength}.pfx");
+
             // [SuppressMessage("Microsoft.Security", "CSCAN0220.DefaultPasswordContexts", Justification="Benchmark code, not a secret")]
-            listenOptions.UseHttps("testCert.pfx", "testPassword", options =>
+            listenOptions.UseHttps(certificatePath, "testPassword", options =>
             {
                 if (supportedTlsVersions is not null)
                 {
diff --git a/src/BenchmarksApps/TLS/Kestrel/testCert.pfx b/src/BenchmarksApps/TLS/Kestrel/testCert.pfx
deleted file mode 100644
index e03e6d5395f04b195385b112eed4ec73b097d07d..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 4045
zcmY+GXD}R$x5o8ec6AXEb=9?^#}d6utlp!9AVP@fEXxw2_g<nUI&YNdHF^ob>LrM>
z(OG@3cjn&vzxTtLGxI!i&bQ|`4+KFyh=+?0K~TpLk@APDhhr#liE;B0)WHM@>VSLM
z2ZA81{*OhJk08vym$LD2aqd^je;i!MLn5;O{y>3C1fe1z!9d+EC>)(5@bE}*f)Rv{
zhPL}DN(n>}TzvJ#o#)E_-l?~z({yD5VKjo=)HU^+G(VQfx5iZylmN=2$wo50{O6IB
zlH&~>zc#V6W!lV=ygV()Z=MS*9O1pgVQ+-Nk9WEx6J(?X{(cwLC1l9$u45m1P`?xH
z>tdI>(JbgB_$5C+2w90_l5O9qDdTY6lia_Eu(feS1sc6W5INFziS<3mQt_d3P`X(w
z8VC-q6yRV<FEVB<m6UJ-T^?41lt`vyU299T{uv|-)X&|(`K$IBS^UV3#jRH-Uo>VS
zIe@c{Y3F#@&AIY7I^b;&w$Y}jfaY@bcJ>)l1&M`zBzyrON@Xv<b!764AUps)+dI`~
zlJdQfP;~mZW|m-&)D~J3)G}kjWH74umB*1Km~)uKw*@0%%f(1*Y}_v}Zg>^|^uPm1
z^cUk7+a&P%mw$Y}e=hKh%}3s2HEuF(;eEo*3vysy<|(_LhqdM(eN4{l^=_IQZqdH{
zehJxw9HTAU=v(tIC9n5h*`)GCW7UWmY)ECes(a|&UZALoA8UyYoYFTQ>(t$jz9j<G
zQl3<fVrQ~VFy1GV<iJR|++z|-G`}oULsEs(t?`k}3w~lzy<)G3Wnn_*1OOwPQst#L
zS?BT-)9T`hcA>KK$<DYCj@CX|A`|7)I<1TGNM2IXrb`nX#vr*rnWtJA&#zx{Qe>Dt
z#DqbcO|uy%Spg;4hcQ_B?dYBp02AvLaY?<9mwki~iDByt*&2Aez+Pbs7Xg#wu97Q$
zLLhLg8HC%HV<g7}dR+Dmyv<?$QmfSdNSjWiGckxC*W@pmb#yOYszBuz3xMFE*k<Ey
z6jkKcYmI~STl5h!1wwh|I^dRo$fLToga&HAQ-iH36yO1Vil#k9z8`UfXwWMvJd~qJ
zp>2Q6m*-HWp0)&d_@;|*gtMMR(pJZu<9*CuV*DGs$ff1CFpW;HB?G1=yO9yA44}rG
z$qBZJL$^S9mmyxcsx>~)cHA(IAP$f_m=vInUjqJ?3O8xW`)hXAi(Sun#%&$cM_CrM
z8fPsd7$IdafqJ=zh3ff*PXhC*t9H0+fG;Lp-jKX_G8qwftpx9W#<otw#u*s@b&Z>v
zP;ustnDsI_zHNfi$JZh@=+$Yef1N8Py>ws_KsF_x-v#Zst;;+V>z2`BZ#=1t4;J9X
zwhp~klLD2l3V!wDO)<h3@U$4|iywmHXGt3!6FxdBl;xP?e5`H8Rl}9%va%!tRSxEp
zG|?a4QHQUmm{P0++ziZi2ezWw_ojS2icmtTjZHj2%K07#d#G`le<d&D;cb|EuP1Ej
zO0|*l(S?$R1LNDxBl=M{SM8Z@!x1a6(Ae+=ce;`%o2Co_wG#x~o7!8`5mkKyZuFiJ
zce(`?t8m*{dW-zY+6q{<K57Uo@l4+_mn=P<YpsMBLx$PRs|jXQg9sO2>sZ*dS#bAZ
z2x{zyK<%hknC$d&$(pCG#qk%fxV#Kv^DL&lYcCKh<jl4!8+}DGq5f>D+pyWL@CAgS
z@>i1rmtU_lZc1@7<$wryt@tHdFcBhaQfmMr>h@FE@Hob~tG*J?eU0kLt4~nx9N2nh
z3~|taYwN|MLcVe@z38g-C~kcgLCppnwW*zJPo~DFN`=Wc4Mi7Pv`=GD2n)%%NbO8T
zc-N2B1V-=y<PyHhI0&-2mX<}%TM`cZ5FnYej<h}q7H9OXX1^1lUeR)}Z{^LHl7_Tv
zR^`lYn=5pmT02B*yk`n~SgyuhrEFjqhR@KEip4m(cvUXAE&A|6JL!m_ru=XV%J>7G
zF>GN(8t5vdD%x(*Xg+F3d^fODx1i{lC<^t%&Jcni?fO4p&PR~e5g<sb?&Y%kDIp^N
zA54?s;@z9B_oDOvqc{G)^bSvRAnMJL75|ss_vh*cni{(=1|&dYO)r7x7f@wsvouoi
zh~VW=d)%WsZQPg#Qe3B6X|mJr*TR+xW&2C3cgsHh@IosZS1ZyIc*J&Cc|8@AX}rAJ
zRDYBxUvfO_x<wIa@z@zJmNt~x_4V7J?cNSQbs3ipaA(@@*?dM(?&&*U$$-4oF6k_V
z&a)IBLrl*qUT9OpW|XGDjFICLWJy?3srSgCf0Jc{6a#e3PV#BU0$Zv-*zd5wW%)#r
zl!;@zFO6^(BVFF}L`~Vt7fk-i-+5N4XVazuS=}U%s%>&RdngPsFi09bZX>&+_1h9#
zR!ogk0(2YOj<b@A-{*&`F!Y9%*z9U52smlmC-bgv(QJGz;7MQuVLGnYFXKGdD!Tri
zkXWBVm=9r&w1wD?@nmD83Oi?iE@6|IxAgL#2A4DV7f;{;+xl==W&uz-%0GMBIW_*$
z5E<i?Zd{UV6{6~V-aJ{jo8@Qn=n_q*0~bnF+b%X#VM<K$=X0%@Q~r2Ctn20};OlsD
z<$dvtT}6*ecs-NfWyNHTMJ3A7IK^~?5Qsle?>juWDOLJBk@<k42-EU`hp)R11Vb*n
zY~nUK<X42C1vywS!~P<NDKZ=7&)1_xT5=?Msuwzm;m@z|R=#h98Rg+pKTI0ileE_{
z1(A|3;h7!R1UdT!W-@uu?4_@?(YP9Ij0W|O%r27jR$jPOdK&Cm?Ge>TJ&ecebkE)F
zZ}K;i)~?&E4ty6tQ{?VmY-ft|Nuf4S5SD1GI;M_SKTIt-w;TdoI*V|(Zt=aC{C=>u
z+3C6P5|M1{T}4+Q77{!%-_-`zp3%!vB`!zY?SxfMd@|YxUOVaiHPi*ZrBA9Ezl>zO
z%*~-@-ISH$m2amyiDKWX@t@f-(F`vcnr%#p6nX{8F!*Se3f3uxp0NcLc^Ei{eK-tC
z8V9e;^xU>j&0Ry0N4scQ7G#^s%%wU|mh6gx<V;D50=qOXVwC8YSgR{8mZ!Yy38m_?
zkbPtI2|tcD>8?phg?D93dA%pip_68Pjr5OIxkJK-NK$vy_h`G;c*-1+#9b!L$VZ58
zJ<T7z*y72}DU9PWoFVH+mztlp<0;3M`5`;iagaOcW%o0FG~eNXy>0-^`yEMw38lm0
zSfO_o)cR*j{K{6W!}kEe+qJNoyl@7zXiFShZ_z))p#t==y2HtHxG@t}W0UP?wH-4k
z$~cyQ{Rh*E24%VK-k%w5UCnLbZqJjdck-UX!i+gJS#4tkL+ZVq%(IR}wJX+vrzC<D
z;G<9tD*1VEl`)km?WsEGcnYsG%koU2v<cdV=1eF+bH`@Y^oqP2T{YwqEGgywTyHv!
zpCj>I_6wKRxL44-r@NRcQ0#dgc})%#^Vke6G;CabXnsw)sMxklaYz}Pjr`lfMws$b
zgL9*P(``H16~N)g<1oj-gR~3Ac{%?RISpTQacS26R4b#yn!nLg<s?7Ae{DpSUv;Ej
zeL(QlxU76i2{Doskom!_t9ALW?wWxIr<>5#PW=(>uDK@jIK)M`oD1f&?d(2d)o=7B
z3s$rG=7;Fm{Nr_?*Tz(b5+Ruw$?T{Y@s`2aH$KyGQMtw<{lJsCU<cS5B@(C5^IQI0
z&%AXndi0iKBaC0-pTzKAg2N#|ahS{v*T6C^OBVN9MyH?^rr8B{L2uwSN*a+wznE!!
zX3=cBpAHUyInZroMG{bt%P%EC9*<Oo?+gy=66r-Kd}#xk9CxFtR}l5p;ZYS6zl^Cx
zR&r|vThipBaF7TJrgKBCTP{>*A}4=KCiFN`PmbrhU3b7#B}d~2z0=aD*b9o77&PIE
zf$9(-^LvxtSI$4gmo{MX87=L6(JIdkeFjPmaHEO%HyqqAb<2#+I-DLRleGpHJ-uyP
zyzF;|Ai!_X?Lr1>+%o<f-t5)ZMYNR({O~1knySPno6b5Gqpu^&fu2`uYI@(R{|0}}
z^{$&1?MsWw1&zd~`7=@<8qJh=mtUQ4u0Xw_D>^z-GoDae=0B>1CGrwc{h`geLy=(|
zupWgO1ZwL(q?2N%1v};z0@24>p9c%`0Kf)Xo6qvic9+?1k|$*RfrWT>x*_zTgE>6Y
z%EqXlZE?LDJQ7u(!v^e6*T0q!bfY@Bz?Od5AB?|E^h-2smQ!u*><=BrXx28)tqXNb
z);1hJ$Cfa2!8D>}fcqe8BWr~fKwv!6KjcJrE>Y@fvh(zNTtZkla9$?=FuiUel=;wA
zXJsJzP=X-xqqQQQKd4GoL#9HH{dXI11sfm~QW?$=gSOi5en)P(xu7V|GmqC#RedmZ
zcRF?8QMQj7ew;Z#0Ggcqun#QVUW;f4qN;fi5|{Q$_|#u{mkdx$CwuGbmAO|I$V7sJ
zURu@~BS_GuH_saCk1#8%LI&T|NL0DRlA@f`=5@p{u>`;3_XpX?&!)M=N)k#;>jIEg
zVMOwVV?Vy(cKNZmepxZTYW(L%1?=N@>H@Z&w_leNlRM_K9jpdU=~5V%bftR&cPpBO
zan5@p2<7IHaW0Avl~xa)x%9{>dphO6U2H=y0FGvbsl_$~H-LN1XXNOK(MM7#twYi$
z7*%2462thohyWYQ*#_-Eb>>WjX8Ofo7d7+qAr#Gi&8jK!m?(!*Keyks-oWKN?Rm(J
z$<3Kc`}syFSdY>$d<{LgAlCP4ks|W1;>qx;&!@A9%b#nZW4~_%+7v3_`GFtJVg3w$
zLfUQsMF!k+@I+m)gXQnO#u3ngOr&&TwJ^+H>YsJH>w`Hi$F5mo^?24!=!t0wCu)?=
zul`-+3el@8#tPV~FZ{~*sQ+aV%otH>W{!8-koie?42KiARF?IC{HZ-!rAQ$ITY$f<
zm#AmvKKBUs!=+yiUlDcmBW%%#MDH)Mu9LH{-`lMAQt?b~r`daQ%I8R~f}ZCjrnA^U
z+~l5InVG`}yD$<rmBX@~oNOO}XEYjh`B0z7g3Roc7o0p$HgcbwEI^MOiJ0mv9e3ua
zDhHAV&}YdeuN+pivHKQT<hD@nf36u!%R<r;;nO$v1=HYFc+>K0s?bRM>DA`pmf6a1
zDtB%MYfs#YocWAYZ4hzi6P87*A4SWBqx39s{Jf(R&x?C?l?3$`y;&C;Pn^vintg5I
zUYN!wh~Ze*SL`C(5YGQ?XQcEZ3<Pw}ywA!?u{Sh1$J(8L^nl_0iMGrT5ePekl!#D(
t3LozQAr1lE6W#UKOCTt@KigwXn?pk{oIb1jmX=R;Di4g%#Q(RY{TIa_xdi|K


From b512bcf6689d67c938c1a7536615bc5f634723da Mon Sep 17 00:00:00 2001
From: Dmitrii Korolev <dmkorolev@microsoft.com>
Date: Thu, 3 Apr 2025 11:49:58 +0200
Subject: [PATCH 26/32] try again

---
 src/BenchmarksApps/TLS/Kestrel/Kestrel.csproj | 2 --
 1 file changed, 2 deletions(-)

diff --git a/src/BenchmarksApps/TLS/Kestrel/Kestrel.csproj b/src/BenchmarksApps/TLS/Kestrel/Kestrel.csproj
index 2ce873ca0..de39cbecb 100644
--- a/src/BenchmarksApps/TLS/Kestrel/Kestrel.csproj
+++ b/src/BenchmarksApps/TLS/Kestrel/Kestrel.csproj
@@ -22,9 +22,7 @@
 
   <ItemGroup>
     <Folder Include="certificates\" />
-  </ItemGroup>
 
-  <ItemGroup>
     <None Include="..\Certificates\2048\testCert-2048.pfx" Link="certificates\testCert-2048.pfx">
       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
     </None>

From 54a2defdbfe317c19be61fc391d788bb7a159f2b Mon Sep 17 00:00:00 2001
From: Dmitrii Korolev <dmkorolev@microsoft.com>
Date: Thu, 3 Apr 2025 11:51:56 +0200
Subject: [PATCH 27/32] push certs!

---
 .../TLS/Certificates/2048/testCert-2048.pfx      | Bin 0 -> 3699 bytes
 .../TLS/Certificates/4096/testCert-4096.pfx      | Bin 0 -> 4045 bytes
 2 files changed, 0 insertions(+), 0 deletions(-)
 create mode 100644 src/BenchmarksApps/TLS/Certificates/2048/testCert-2048.pfx
 create mode 100644 src/BenchmarksApps/TLS/Certificates/4096/testCert-4096.pfx

diff --git a/src/BenchmarksApps/TLS/Certificates/2048/testCert-2048.pfx b/src/BenchmarksApps/TLS/Certificates/2048/testCert-2048.pfx
new file mode 100644
index 0000000000000000000000000000000000000000..a0da01e6baae2b2a34dd2948e5a303feb53a90ee
GIT binary patch
literal 3699
zcmai%Ra6uV*M*s3NQVJLLb_9MhVGUwY3T+DDZv>eWT>G_X#r`FMmmI{M4AEVl4cM=
zkdpZP*8i{fz5FiDI&1HJaqjkd4ipLT1OjlONC*c$5pSeg<T(j|0FaM_P=Sz;`+sc+
z6iFEHZ-k$ZBy{_0IRgPWf0xa_2>@#SkH8~=>O*1wN-&fiM3%O4#V*EDp5y1@KacD<
zkN^S+aiCy)!vDJpB*MdiGT;;0M5+NCaX|oH5Lt8YEo!L=<M_(|f}1wU{^kvm;3!+o
zDXEjbv7Y*2=Z^D%7G&I=>C_oh1}0gX{kb>EXM5g%kJ7*cH8(-jIQsravs2&??>v{_
zENOFL-PdCSwL6$xKV>$gMpB`&i_tGxBQ%TK<%YN!HA)8^JF4zb<I}K4t6Nyi2t@CY
z8f}hKn*ZJiY381LS=syHQ#Q=cQPngu|3V{*>sFq>blIy!DNZ0MzpMT+c)t=EZ$u*`
z%FTCP^;k~T!K3AoI%h*zu)&~D9CdQhxq5mP$=#RR5)tVPbDO=2mAuHWPg@D<wfHP&
zwHYJ6?g2q*OeU`d+%1eqGYeB=#Fq@w*Y)wga~=b2PnHO2UJ3tzO^)+Hgt{S;<C+rR
z8ZKLYnhr=-_c4v|j}6^r;&urW-{{`}Wp}f1dR{<RC^}j9L!xJ&{!X2ze|}jI;PQrc
zm;AA7UR@i@D=kYZ+UuYbLd9uW7l)y!<tHYLb0vzp1;oTLIU~^{Pe5J@U30MwGB$Ue
ziI@}8_E70#c%LjS-hog|Li#TPg?^~XGQl8ID=%R}uK9OpDyxW+jGK9R-aXEpmqhS(
z_6b9oMWrOM&(;GyV6d%YQwYD&i$SRi{zKC^<_%}XjachV<nh;B-4FH}esJewIwvbB
zYU**l`sY~0gAl96En=Q0w;R<yQ67N7u4iAw9!Fxx-8p^oveWOOH>j5jXX&m4omYfi
zaB3i&K+gO!;i>Ub7ceBKo|cfo>f$$PGOg5L^1E*piZDE0;eui~t(~N#3B+mcc%#Rq
z{;h87G1moNra61#srzW_;aa%!r>Tu%#M5M(2Q!J$ebJ8IyRfKQ_uDA-hy~rLq7ca|
zl!UWZH5i`Rg_g~l^iqBGxxWeFeaU>d#YKRX50Ra?IASbK`e^LR$D3&8Bh$vr&w|;#
zi_hGm%;=c#OGY{47}M*67<!FCaUZW^jl3lQxUkc8SHCmuiSB6k%WVAolNEw#A(pEP
zQuP>baUC+Wby(vydX*Ee2FE>ho;mp08*2NbeR7B2Mvc}#I+>XUUOIiSXy(sOov6(@
z7=@QZKPRpr)h@$<Dr0En$v4QA?8$;Up7qwBruc)&0-1DT^9`}4cY4%b!#UrwMI)$g
zH!F+H>MtBrZ)*LhnR-Cq{ab3(hDIM<%Z#K5zP-49>vFuHDX&{AbjPvwx?GolUVxGH
zFg_^m2tH0OejZmrCb_WWFrLb5EUx|$Tu<qZk*OLI^}~)Dhp#$BF`vgMj?&NeUU0N`
zn3koaR8;COU~c5n4z!cgA4!%wvPXxj>^!^rWz>*5t=6*W=X^gY^y2!GY*+Dh3+oC$
zI+t=xko3UKa9?zzg{e5XUK#uBbbYvVD;L#A2r6Wi7#nA~Hvn3Ov(v}ICQ$ZGA9(4~
zq7x8KcepwlR+pk_{fPT+Ytnuysx3c|f0+6*S7^whrOd9g`Iu2WQgfJZGWm~jXPssI
zSyLh?(3JS9ex}E(Z(iUD%N_UNNvJ}*xK&U961XGd@ak6NXRd^CW_{@k-O5KgmKi_-
zp)=k;pAE4$!FA2!yVFf{V9Bu&K^%slXUqVpmBL9roG5@6FzsDwj%BhU8XjdFck+kz
z&-xFpYTqnxKFwr)wG4g_IvZEcl}FsCq@d-HFF#4z!*9c-^{zuS$E5^#I_&#4J>iE^
zN*Rr>wYhXKlp564_sc>XoAAFAs|mhaK3mkMuPrAaXlKOTX}sQ05Fp8U=dt}8rETgL
zwjVpJQ`z`4VYNW%;><Cwhgz@MR%gCn;YJ^8?ns}cNWG|$n!Q2{*%=-^%-0Xdwti10
z-v$2l`{COp{vTM{SMsY+)snIDu%I%7*DhwwH!R;j3RlLu6&8#?rYCVvH}1ykG+88-
zXZY5)x4=7Tsd_52?F^IHf_u`Fg_!S0bm_y{sEaB&Vl9hhd~~vsvGjoqloViAh&ef4
zOBx(Rv|_WZtQS<0Mnq{eKo3!~J4TCuv-LjQV1b4n<ziE_wpNEV#%TyYuIYze3bckM
zIVLT^vG3;4V>g@Kw8gq2nD7|0qDCC_)%DJuL|;cwooxA*$fSQC6C8?A3n=>%7Q8xL
zEt05K;vP?_;=?d?w#ERiDDvR?f*v2m&73VXJdrwOTlDIW5@q=92sfIvA;)Tov589Z
zu=70>z3=Y~0k);YR3^Sg#PWV!Z&Gf$E!IS#6~e<Zj`-u5R042|>fcUXgq%&Z(A`U@
zuv?^YIqr_%PO*^WEZ=R|oT+?f2Q|O8xTGWOq^OKai%k`Wo)HVWY{V%twPQUgB2y%%
z<`36)^Np;uq)nwy4Fb(OhQ!<QBty|e`!96SN~WxU6mM(ukO$q_BV$G>_L~yHyuW4*
zfQv<d{D)7<-wy#J*;&7fEQem@QaW44KQqRAKK9cqdR5rc<}9MFdu~*W{r&J034^7l
z?8l^=H947DyWf1zk1M%f3^A2ev??u0`PHq5cmvcU*k>qy{fZ{Bq4d4W{@x`HzE}h$
zWn9LM+(-1A?OS`kp=*7g?*ENV%DN#f$M|I5Jo%ApxVK4Yg7p&g(03(|YlzoJ^Uc$D
zs^^I@q@_Bf+^7wSUs{8?Rby7J>TR1_KM#tjmx4e!GORGLql3F86{mnoi_;bbx#l{o
z@2$PygElkEmTVmT2Qhr55uST<Lzx@dG<~*qi5dw0mJ`Z(s_-Iq^48F1ba?lOuJ;$J
zSxh1ni5K?|NBkE|@Pa@{Jj7qy@9%iy-}`@N0TTm&e?y7CrpW&Sk%S_f-~%DH>5+m>
z3z<uV<^Kc`qXY;93x&wl@<ms?sh~OmAwd(BL>X{RB=pE#Aoy6P1LA3;9uOjsKvn-?
zfs&^2(l7t~Z8(L7JQi}>?*<377<{y9ay|cK=e@FQrO(FWJgXA%<aTtp7~`uge_>Zf
zOS0~s$SPqVMgsUmP7zOl=}c;X)+ulKkBpH!ESG<d@2%<_@e*<q-94)@V?n88r@Q89
zRx*1n?l^3RYxEy8@fWJC%h#pne=v2AV-{{V`I3={jj<%OIW6B7$Eu`<zKk3+2jf&I
z)&_HGxrByQWj^O;Dd8fQiuglGX?l<I9g~QM=dYbuM-w4E>RpqUb^TO^^mm%I+dgsl
z-zp>PdkH)|;=^EZMXq<qfsQ*+enXqr5vF!JPKR5lDh*|v^WD_Eqc-fJX(cg_A(u5w
z4#s0*uTWZW3rKPvPVbcfwJR%Nt=?=cKbJwshNMr=tC(a`!ft$wK(H`>&Q6`wMZyPF
z7*S){Kj1p$xrSmh4Yu@<W2)ccrS>kV3^Ok$54{wN{U<~47K^C!U$w7al<YD%Xa$)O
z6?`{H$m{UyKL30|F4toJAwe$K4ny~DQM0(nZA}eDx^SQRDVzs?>1jY|f8fzmMn#Q=
z!oby;l7V&HoI(DLLtYVMd_|lgsnALFtdj8#?P}&OC4<$8>Is76Tb_f~$NJs9uLc4m
z!X58J{KZn;uG{E7)r1pYUnK*jakq5{kM*9*1t56XvjT#6aOy1j$Inkx9H*OcGucc$
z3=0>{>RkTl8+LyED8<K<$nnWB#?e5y0i`Z;G`Bb3(?QKcqatQukg951&^Q$M9RgQr
zo0(f3sNv-q$CSl4Pw|NG5ZUo4>|M#(JbI!%DqCptLe-JMYSgueFwe4Jakq9oobE(A
zY^3JpuY_uSaRvEm%&PW2)t@b&%n`wM%K5>;WUX5bUwzieXRLzTV;tl$P~Y<GOE}3|
z$jV0wE#7FBr0p@5mmX>^3o6`ADPRwNf$J3zLEmYno)n;jpX>1z88Ebq5k}v>?+RmP
zP;JbhLA2XeB(uFew7+Z(eSfN2<SD<<Dtge~GZ`AZcj>|9UD{iKqgLN*tzwr<c*(5M
zF+WD;pg~H*PB~#*fI>+2s4ek5nDLz_av?SqHjllxG)mN^6`mEf3jd@wnTL&ZEHj=w
zeeSRKVz1gSg3Aq)s5abw#R2q^=B*g5#kpj=BlbV6L^v5#A-&0ZwCoU-6cjZLSN!de
zr^dt;wnyn2HfC*4G;RXBM)Q5qeC@GIQ*0W>dvjY(n^~A3Zi>R7q=NO=oF!!vN**y6
zAmw5;1xwhg{MQm1XH`4Ko)t2DfjtfsZnBNJ+WWBC=Z&L;q^%G>+Uc5;5L^4rJwZJz
z%7azUlknr#8O@i7<(ZibaSmC-e4itmAq~jfZIgUFuV8w;g$cm^n9!Gv>Amuwa*}GW
zNLcr(l4RYWg>E*npC2CM)FY0gu?&Z-v1*y&v6vwG(+4u-7qh7TjzAM^eBMI|6OS5V
zCOX{Y8q=9&54r`c)~=Nt!F?K$rpC?>q|b~v8ukaZxF{edq;~{g$h7uF+iVv6v(2WP
zBFAO2ZWfZ=glI<Y0y8)%S}iJ*-t{KoaELZn!HS=k;i7yGof3S$=>)qU61=htP_-Xi
zb6%`b3=fre@~W4BaX{JrDOw^*7!~LNR+Tjik<2X^IU_aY!uWG1*HWSjssM#SN&b1$
zfB-xk5c3QEJQfkhfSDcHrbfhaxxPyk2+u`jyb;PTkej3mBLopjg>dipXBx!)w`%_b
D4eZW{

literal 0
HcmV?d00001

diff --git a/src/BenchmarksApps/TLS/Certificates/4096/testCert-4096.pfx b/src/BenchmarksApps/TLS/Certificates/4096/testCert-4096.pfx
new file mode 100644
index 0000000000000000000000000000000000000000..e03e6d5395f04b195385b112eed4ec73b097d07d
GIT binary patch
literal 4045
zcmY+GXD}R$x5o8ec6AXEb=9?^#}d6utlp!9AVP@fEXxw2_g<nUI&YNdHF^ob>LrM>
z(OG@3cjn&vzxTtLGxI!i&bQ|`4+KFyh=+?0K~TpLk@APDhhr#liE;B0)WHM@>VSLM
z2ZA81{*OhJk08vym$LD2aqd^je;i!MLn5;O{y>3C1fe1z!9d+EC>)(5@bE}*f)Rv{
zhPL}DN(n>}TzvJ#o#)E_-l?~z({yD5VKjo=)HU^+G(VQfx5iZylmN=2$wo50{O6IB
zlH&~>zc#V6W!lV=ygV()Z=MS*9O1pgVQ+-Nk9WEx6J(?X{(cwLC1l9$u45m1P`?xH
z>tdI>(JbgB_$5C+2w90_l5O9qDdTY6lia_Eu(feS1sc6W5INFziS<3mQt_d3P`X(w
z8VC-q6yRV<FEVB<m6UJ-T^?41lt`vyU299T{uv|-)X&|(`K$IBS^UV3#jRH-Uo>VS
zIe@c{Y3F#@&AIY7I^b;&w$Y}jfaY@bcJ>)l1&M`zBzyrON@Xv<b!764AUps)+dI`~
zlJdQfP;~mZW|m-&)D~J3)G}kjWH74umB*1Km~)uKw*@0%%f(1*Y}_v}Zg>^|^uPm1
z^cUk7+a&P%mw$Y}e=hKh%}3s2HEuF(;eEo*3vysy<|(_LhqdM(eN4{l^=_IQZqdH{
zehJxw9HTAU=v(tIC9n5h*`)GCW7UWmY)ECes(a|&UZALoA8UyYoYFTQ>(t$jz9j<G
zQl3<fVrQ~VFy1GV<iJR|++z|-G`}oULsEs(t?`k}3w~lzy<)G3Wnn_*1OOwPQst#L
zS?BT-)9T`hcA>KK$<DYCj@CX|A`|7)I<1TGNM2IXrb`nX#vr*rnWtJA&#zx{Qe>Dt
z#DqbcO|uy%Spg;4hcQ_B?dYBp02AvLaY?<9mwki~iDByt*&2Aez+Pbs7Xg#wu97Q$
zLLhLg8HC%HV<g7}dR+Dmyv<?$QmfSdNSjWiGckxC*W@pmb#yOYszBuz3xMFE*k<Ey
z6jkKcYmI~STl5h!1wwh|I^dRo$fLToga&HAQ-iH36yO1Vil#k9z8`UfXwWMvJd~qJ
zp>2Q6m*-HWp0)&d_@;|*gtMMR(pJZu<9*CuV*DGs$ff1CFpW;HB?G1=yO9yA44}rG
z$qBZJL$^S9mmyxcsx>~)cHA(IAP$f_m=vInUjqJ?3O8xW`)hXAi(Sun#%&$cM_CrM
z8fPsd7$IdafqJ=zh3ff*PXhC*t9H0+fG;Lp-jKX_G8qwftpx9W#<otw#u*s@b&Z>v
zP;ustnDsI_zHNfi$JZh@=+$Yef1N8Py>ws_KsF_x-v#Zst;;+V>z2`BZ#=1t4;J9X
zwhp~klLD2l3V!wDO)<h3@U$4|iywmHXGt3!6FxdBl;xP?e5`H8Rl}9%va%!tRSxEp
zG|?a4QHQUmm{P0++ziZi2ezWw_ojS2icmtTjZHj2%K07#d#G`le<d&D;cb|EuP1Ej
zO0|*l(S?$R1LNDxBl=M{SM8Z@!x1a6(Ae+=ce;`%o2Co_wG#x~o7!8`5mkKyZuFiJ
zce(`?t8m*{dW-zY+6q{<K57Uo@l4+_mn=P<YpsMBLx$PRs|jXQg9sO2>sZ*dS#bAZ
z2x{zyK<%hknC$d&$(pCG#qk%fxV#Kv^DL&lYcCKh<jl4!8+}DGq5f>D+pyWL@CAgS
z@>i1rmtU_lZc1@7<$wryt@tHdFcBhaQfmMr>h@FE@Hob~tG*J?eU0kLt4~nx9N2nh
z3~|taYwN|MLcVe@z38g-C~kcgLCppnwW*zJPo~DFN`=Wc4Mi7Pv`=GD2n)%%NbO8T
zc-N2B1V-=y<PyHhI0&-2mX<}%TM`cZ5FnYej<h}q7H9OXX1^1lUeR)}Z{^LHl7_Tv
zR^`lYn=5pmT02B*yk`n~SgyuhrEFjqhR@KEip4m(cvUXAE&A|6JL!m_ru=XV%J>7G
zF>GN(8t5vdD%x(*Xg+F3d^fODx1i{lC<^t%&Jcni?fO4p&PR~e5g<sb?&Y%kDIp^N
zA54?s;@z9B_oDOvqc{G)^bSvRAnMJL75|ss_vh*cni{(=1|&dYO)r7x7f@wsvouoi
zh~VW=d)%WsZQPg#Qe3B6X|mJr*TR+xW&2C3cgsHh@IosZS1ZyIc*J&Cc|8@AX}rAJ
zRDYBxUvfO_x<wIa@z@zJmNt~x_4V7J?cNSQbs3ipaA(@@*?dM(?&&*U$$-4oF6k_V
z&a)IBLrl*qUT9OpW|XGDjFICLWJy?3srSgCf0Jc{6a#e3PV#BU0$Zv-*zd5wW%)#r
zl!;@zFO6^(BVFF}L`~Vt7fk-i-+5N4XVazuS=}U%s%>&RdngPsFi09bZX>&+_1h9#
zR!ogk0(2YOj<b@A-{*&`F!Y9%*z9U52smlmC-bgv(QJGz;7MQuVLGnYFXKGdD!Tri
zkXWBVm=9r&w1wD?@nmD83Oi?iE@6|IxAgL#2A4DV7f;{;+xl==W&uz-%0GMBIW_*$
z5E<i?Zd{UV6{6~V-aJ{jo8@Qn=n_q*0~bnF+b%X#VM<K$=X0%@Q~r2Ctn20};OlsD
z<$dvtT}6*ecs-NfWyNHTMJ3A7IK^~?5Qsle?>juWDOLJBk@<k42-EU`hp)R11Vb*n
zY~nUK<X42C1vywS!~P<NDKZ=7&)1_xT5=?Msuwzm;m@z|R=#h98Rg+pKTI0ileE_{
z1(A|3;h7!R1UdT!W-@uu?4_@?(YP9Ij0W|O%r27jR$jPOdK&Cm?Ge>TJ&ecebkE)F
zZ}K;i)~?&E4ty6tQ{?VmY-ft|Nuf4S5SD1GI;M_SKTIt-w;TdoI*V|(Zt=aC{C=>u
z+3C6P5|M1{T}4+Q77{!%-_-`zp3%!vB`!zY?SxfMd@|YxUOVaiHPi*ZrBA9Ezl>zO
z%*~-@-ISH$m2amyiDKWX@t@f-(F`vcnr%#p6nX{8F!*Se3f3uxp0NcLc^Ei{eK-tC
z8V9e;^xU>j&0Ry0N4scQ7G#^s%%wU|mh6gx<V;D50=qOXVwC8YSgR{8mZ!Yy38m_?
zkbPtI2|tcD>8?phg?D93dA%pip_68Pjr5OIxkJK-NK$vy_h`G;c*-1+#9b!L$VZ58
zJ<T7z*y72}DU9PWoFVH+mztlp<0;3M`5`;iagaOcW%o0FG~eNXy>0-^`yEMw38lm0
zSfO_o)cR*j{K{6W!}kEe+qJNoyl@7zXiFShZ_z))p#t==y2HtHxG@t}W0UP?wH-4k
z$~cyQ{Rh*E24%VK-k%w5UCnLbZqJjdck-UX!i+gJS#4tkL+ZVq%(IR}wJX+vrzC<D
z;G<9tD*1VEl`)km?WsEGcnYsG%koU2v<cdV=1eF+bH`@Y^oqP2T{YwqEGgywTyHv!
zpCj>I_6wKRxL44-r@NRcQ0#dgc})%#^Vke6G;CabXnsw)sMxklaYz}Pjr`lfMws$b
zgL9*P(``H16~N)g<1oj-gR~3Ac{%?RISpTQacS26R4b#yn!nLg<s?7Ae{DpSUv;Ej
zeL(QlxU76i2{Doskom!_t9ALW?wWxIr<>5#PW=(>uDK@jIK)M`oD1f&?d(2d)o=7B
z3s$rG=7;Fm{Nr_?*Tz(b5+Ruw$?T{Y@s`2aH$KyGQMtw<{lJsCU<cS5B@(C5^IQI0
z&%AXndi0iKBaC0-pTzKAg2N#|ahS{v*T6C^OBVN9MyH?^rr8B{L2uwSN*a+wznE!!
zX3=cBpAHUyInZroMG{bt%P%EC9*<Oo?+gy=66r-Kd}#xk9CxFtR}l5p;ZYS6zl^Cx
zR&r|vThipBaF7TJrgKBCTP{>*A}4=KCiFN`PmbrhU3b7#B}d~2z0=aD*b9o77&PIE
zf$9(-^LvxtSI$4gmo{MX87=L6(JIdkeFjPmaHEO%HyqqAb<2#+I-DLRleGpHJ-uyP
zyzF;|Ai!_X?Lr1>+%o<f-t5)ZMYNR({O~1knySPno6b5Gqpu^&fu2`uYI@(R{|0}}
z^{$&1?MsWw1&zd~`7=@<8qJh=mtUQ4u0Xw_D>^z-GoDae=0B>1CGrwc{h`geLy=(|
zupWgO1ZwL(q?2N%1v};z0@24>p9c%`0Kf)Xo6qvic9+?1k|$*RfrWT>x*_zTgE>6Y
z%EqXlZE?LDJQ7u(!v^e6*T0q!bfY@Bz?Od5AB?|E^h-2smQ!u*><=BrXx28)tqXNb
z);1hJ$Cfa2!8D>}fcqe8BWr~fKwv!6KjcJrE>Y@fvh(zNTtZkla9$?=FuiUel=;wA
zXJsJzP=X-xqqQQQKd4GoL#9HH{dXI11sfm~QW?$=gSOi5en)P(xu7V|GmqC#RedmZ
zcRF?8QMQj7ew;Z#0Ggcqun#QVUW;f4qN;fi5|{Q$_|#u{mkdx$CwuGbmAO|I$V7sJ
zURu@~BS_GuH_saCk1#8%LI&T|NL0DRlA@f`=5@p{u>`;3_XpX?&!)M=N)k#;>jIEg
zVMOwVV?Vy(cKNZmepxZTYW(L%1?=N@>H@Z&w_leNlRM_K9jpdU=~5V%bftR&cPpBO
zan5@p2<7IHaW0Avl~xa)x%9{>dphO6U2H=y0FGvbsl_$~H-LN1XXNOK(MM7#twYi$
z7*%2462thohyWYQ*#_-Eb>>WjX8Ofo7d7+qAr#Gi&8jK!m?(!*Keyks-oWKN?Rm(J
z$<3Kc`}syFSdY>$d<{LgAlCP4ks|W1;>qx;&!@A9%b#nZW4~_%+7v3_`GFtJVg3w$
zLfUQsMF!k+@I+m)gXQnO#u3ngOr&&TwJ^+H>YsJH>w`Hi$F5mo^?24!=!t0wCu)?=
zul`-+3el@8#tPV~FZ{~*sQ+aV%otH>W{!8-koie?42KiARF?IC{HZ-!rAQ$ITY$f<
zm#AmvKKBUs!=+yiUlDcmBW%%#MDH)Mu9LH{-`lMAQt?b~r`daQ%I8R~f}ZCjrnA^U
z+~l5InVG`}yD$<rmBX@~oNOO}XEYjh`B0z7g3Roc7o0p$HgcbwEI^MOiJ0mv9e3ua
zDhHAV&}YdeuN+pivHKQT<hD@nf36u!%R<r;;nO$v1=HYFc+>K0s?bRM>DA`pmf6a1
zDtB%MYfs#YocWAYZ4hzi6P87*A4SWBqx39s{Jf(R&x?C?l?3$`y;&C;Pn^vintg5I
zUYN!wh~Ze*SL`C(5YGQ?XQcEZ3<Pw}ywA!?u{Sh1$J(8L^nl_0iMGrT5ePekl!#D(
t3LozQAr1lE6W#UKOCTt@KigwXn?pk{oIb1jmX=R;Di4g%#Q(RY{TIa_xdi|K

literal 0
HcmV?d00001


From c32ea5b63a7d3d6e647f637d9560970f6883a352 Mon Sep 17 00:00:00 2001
From: Dmitrii Korolev <dmkorolev@microsoft.com>
Date: Thu, 3 Apr 2025 11:55:43 +0200
Subject: [PATCH 28/32] different cert

---
 src/BenchmarksApps/TLS/Kestrel/Program.cs | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/BenchmarksApps/TLS/Kestrel/Program.cs b/src/BenchmarksApps/TLS/Kestrel/Program.cs
index 35925c6e9..e81ec832f 100644
--- a/src/BenchmarksApps/TLS/Kestrel/Program.cs
+++ b/src/BenchmarksApps/TLS/Kestrel/Program.cs
@@ -54,6 +54,7 @@ void ConfigureListen(KestrelServerOptions serverOptions, IConfigurationRoot conf
         serverOptions.Listen(endpoint, listenOptions =>
         {
             var certificatePath = Path.Combine("certificates", $"testCert-{certPublicKeyLength}.pfx");
+            Console.WriteLine($"Using certificate: {certificatePath}");
 
             // [SuppressMessage("Microsoft.Security", "CSCAN0220.DefaultPasswordContexts", Justification="Benchmark code, not a secret")]
             listenOptions.UseHttps(certificatePath, "testPassword", options =>

From 4013254549e80c51b2c330dbf2e0d4fd21fdff33 Mon Sep 17 00:00:00 2001
From: Dmitrii Korolev <dmkorolev@microsoft.com>
Date: Thu, 3 Apr 2025 12:01:02 +0200
Subject: [PATCH 29/32] regenerate certs (20 years long)

---
 .../TLS/Certificates/2048/testCert-2048.pfx   | Bin 3699 -> 2499 bytes
 .../TLS/Certificates/4096/testCert-4096.pfx   | Bin 4045 -> 4163 bytes
 2 files changed, 0 insertions(+), 0 deletions(-)

diff --git a/src/BenchmarksApps/TLS/Certificates/2048/testCert-2048.pfx b/src/BenchmarksApps/TLS/Certificates/2048/testCert-2048.pfx
index a0da01e6baae2b2a34dd2948e5a303feb53a90ee..3137a521bf73615e42a4aae5164224706352e38e 100644
GIT binary patch
delta 2328
zcmV+z3Fr3n9K#bpFoFrc0s#Xsf(dm72`Yw2hW8Bt2LYgh31$R>31TpU30^RQ1Ih*o
zDuzgg_YDCD2B3liyD)+Sw*mnGFoFZHkw7aDbPnL?sV7O5l$~z@9(1I^k$WM3;uAqc
zZ{AX7NGqFk#Kj8bfPw=+ExhJ@i^Qfka~M@KvXj9Q1o6Pc|JoP0opL9M+wn^n_$9GR
zze4f}05Yd=0JCYYKKt0e90lN@UCIgP%yD}ZY9VJanKm<v5Mq?C7qnI79i;+Z9#oU3
z6K5#g&EMyC$wpY;eO<w=MDZJcCQQk5AIq(r`9WQ)FL;Ob)S}AhX$=r!#3{Jsgb&t4
z<Ft}xOt3@%JG05bKb!`rR1%^n-S%}yZy-Vs_23wD$6Q*18N`G6pTYd4xbxLz3oKjo
zc}paew6Tgq`k=6Tg)x!LQ^*3(DwMw;zNYv~*`wM;fGiP5C3Sv!j9Wl|WIsakZ4(_9
z{(DH?u51yCe5hC+I^Uwx2?p$>TMh*bGLFNU&V86Y1(kj6TV=2^>yb)j*^9FcI*cRJ
zPzR-vYG*lQIf<b}WTQj+fha=nJ*!h!E$Ec;cnxWTD5kM2Y0>Y&m#xXd8ZSJqB)x-2
zmixe7I+AUa_`p14_c7Ri*uz$LrlZn5JLftcrPD-i{n^F<AN!>N82Fml@5JDT=f!Uh
zGeI6+$)oTNHwLRgsTACaaQd|)VoT6&k899}{xSpiQ1@k)?Fp-6J>oHgzl3Ql3*PPl
z<gxQG_s*VIw19A3DF&JM0w4%;b-j+6eT`vs9oA|Cy})*UTRnw;K?+&vfj&FrOtpIs
zq;>bC@*F?d7LO2<4L2HlE_ak%fUozt)NW4^gF;o`Zjc^!U~QQp<`hB`O)HKQYcb<r
zmR4e)CfOYLsbJ(PeY(8vNMfL}t^}$U%!=@u3hRuvcP<kw6bAM^UF=&aZ(Z_&znnW{
zv|<Xm4XXt<NrGyBUpRz%e2dUr59*SQCWkHpO@g$-Kb77X#W4AMu!+0w%KEsA5#{sq
z@7>sFfw0anwiyPW_;9FZhs;tM=JBSw++YV{$f6{`Omjt(Vil&e>28ESND(~1_<5BD
zsHkcF<AQENg;bX)iB@|Y$|d9fO5eZJN=c^2Rnw&bY*gM_V{_Ov*oGQz56)UlFb&2&
zP7Iuux$BD97Plwmln+V;<q{%K`8=wkX=aECCaw)j^?Q{BZ|R{Lae$KJlXTJ>Udd8g
z@CXj0ORBH2@Qqjoo;4l5=kc1|#2k~L2viWU2)!B_^UFXITQSMFSoW-udm(?T16ju!
zkF6Ub+*i5|noGb0f&|c4KAZl>U(RjwF|taI2O62=^P3|pVhei;;8})04gFrr#3+(d
zcSr6IjkxOvJ6&sPXe<omXUV`lbsvU$zt7HDKnfQ|mJfS5`OEx0+F(?Q;i8qOc8<i2
zPR8~g+Lw#Me;N4hF6o<<iB5mP;WFc<M8-(YV+|#K(|xI~Jt#QB8<(qJiUiS|xV9B~
zp&KxwNc<inXbU7md;=Izq;>tSjWObRoH{Na&lIz$4hj`(xodT}Q@Ce-Lnt_$N*Ngj
z@y$LR*aP_<dabkSCC-s$dzgfT6ax%_1I(2{=94i%{TV63D&$fBB4B^p%|A29UoXpj
z%qxPh%tu_i+D{RUpFR1$oo#BBPq`elg444WI*N2Za<B~sFhgQ|3l20lt5BEq2&_s;
z$@E@1NOFW}aB5WmzYJI2QGf-q0ti-i3XjJ5XEqGS2W|#EVnw-t25`&VQ}k{40!3HD
z<O(^b+%zuKl-|{rUhjW+DKuz0TT5U*;d3BV;0&kQaJ7wNq~<Iggw)Ik2?>Pf++eS%
zHJty!9)2?7yc7I?1j;>TU=pEV3l9VuCA}|{rg>7M2Rb=+Gu1Owf5J5r^!AJ=d%sd#
zTq2x=Ip+qHy!o_;<MKjaOFWu<t8<S8WXbzy+&y8TPxItN8PtC)9qb*8Si&1EBp}Y$
zXW6}b3rrfddsv^gjPEuHsK~Ff_7%5?6y%@*jGFmj<iOmsIeA&;!sxMKjBXX#lG)jt
zp~P0s8Os<;kQH~}^PC>NC55sm{I5;K1g(Fw`u`!8w8@>>lU|EYr}gG;i=IZfo9Hj`
zz|(O5x3mDlJnVnt)F^gTl4l@=#_xKlrXJ)?Hi_1UbrlN<%ysH4yXmAC?4N^86B{O)
z_R6E&CD6FzGxOH4S4Hwuv+@BS3*&i_u~bw!>bNQx5Fe@N!OX;+_;HXk-W(4D6E7ec
zDC<KO=K7)$y9!!+;#KLS>8VNhsFrI+SD#*dZul!=fAoJDRofRo(O28NVvR*1DcPEl
z3kW}RZLsa!*%3T2-EU10hadmAUpzig`cImuU!dWOBhV?UH7B9~F5n$PhvEl1Moe@m
zL13ELEMy2tN71qs)tY~)ot+M7qJChbZaAJLCO2V2yQvUZMBR$3d^9u{&!%w%F;d6h
zURhKJ)D?dkJNmeuhvH4?sul23n=|0%l-{+0yTZSH<pOYkcnhAo91qE{o&B*g#kP@C
zV~zr{!ZY?oydi|fox#WTg}IY_X3KjG4hz&^EC|2{Fc`I;)I64DQ;uK?wZo-ZMvdBn
zRGI!dne`Oq(#;#l@S$b1Yh(W|FNA_*{Ft7>7Z-o=xPu*DiDf{I$Kn6Q$Vlh%&HC}A
zx2aKz8OKp&M^=~`oU9(UJ#k5%a`gw!t(D&r^;V|?y46sJ-I?>?r>SP;E<C@Ex@$tl
zjk6s}alJPmwP+ck#~owC-HoF5u+uLw{4AU^J#QKHHD>{-YF6)cZ<A7yj>|KBjnOYN
zXk34!%p&c9px}ny82neqaFsWFLx1~;da4&#!~6*ST?oXdyl-W#&toE6N!v=|VfTY>
z*{+3yQW5OTf5s_v<=-0h$5grud?<Mw;W$`8=Ts)rmcS&0R^2+M+&$sC6?465Bj)M}
z{5cxJbj6)^F(oh~1_>&LNQU<f0SOf`76cU(;CHoXjUXX`iU#dnHs9S3({YAflQ0ey
yF0r}sHP=*AqkkFHb#!Jikj6Q4N$AdYvcaGJ1{{u@Fa!ueUYtRk*s3N10tf)>F<h(w

delta 3538
zcmV;@4K4D+6Z0HEFoF(m0s#Xsf(|7H2`Yw2hW8Bt2LYgh4i*H04iYee4h}Ga2zmwy
zDuzgg_YDCD2B3lnYcPTcX958LFoFnRkw7aDmfrd#HzBE<b!c|kg1qcGk$WM3x5NI3
z+_uwYcXs$F8jxfCfPx3`n@DDmy&Sc&7a6_hXY5Q4&uky`XVa(*4dB=B>Cr1;_r(hp
zQ*DUY&<VB8o$a?~eC=_cXnvYJTQpC5&c?9k)1GxiBZ5khqeN&`@;+6<A#3^LI9eBo
zPQr`LNo22bv)~#}qop1K!sicvRpieVTlM3Aw<y?jtiz$Sn=y4|M_7iS_)3Q-{y;6K
z-EgKuj4qI%zOpY2>a2o|RTwiiC@c4^FF!|QZMZB+CbNTnQ^#_Q7m=j*Ntdk+|H%HP
zH9VMGVCkyfpN7g&xd*aLD_z%39)-&30tA*HS9>mOTvZR5qmzm_+*HDU{IZSpoG$`l
z^V|p+cQoxW(a$RmGr$fy&r3Phv-!C1SjIZ8#2?Hp&dL9o1HLp0{Zjn`KIobN!EP|#
z6TKqpe~H&o^^@5gY5AghXn-2%5ie?=vAQ95OkEZl{C)EXLexHJWXXr!MOPl!rb17m
z3JQvx%!$lJ1aLvV*o(7&Jz)R6kJIxHyMa9Mc*H&$1?)45j+gQWLB%jv-3P}Xxhe>b
zo?GHDlOi=kJ!@O3p9?1EbP0I7B+yhn+e45yzhB0|3=Cmqwtp>EZpS<LE$&#1Ame93
z<BMP9g7M0pPoZN<b$Dm-8)jZR7Z=Y^vT5si6n|c|<q9c9{^PEHa))gJ$G%y}H!p_M
z5o{)MpPQEp!s8d+qt_eyGH2d2XaKJcCITj)s5H{gr)UfgeX<$|9bWkL50M%>$B~uR
zszNaZDm0>{cp73lI#&*6*zx1RXtI<~x$!6X1({nUwe)Pwx$fYEXSCAerFl`2U=-Dl
ziNuLzap*CJux$Q+he?InPtv4+I{Jt?XH2dPc$vP!KAO>RM|Z!)ws~>+AnxTS2kSt8
zKG68^9;cA2R%$CMk6Lm)x*#nf)9C+=ndKFjywG)#h-Uy+98v@w!&U^0tNe>qaXA44
zG4$bTb@olrz=>@6n+Bls-Urk(A^P|aNs4heP7uOhgSGsB!rvwZuK;Y5*&u#dfEQ!%
z>Jeo1RkdI3y&xaPbY`Jkw=J8K(6F5B&3LIWzmML6Ncn^UM$W=S(SU;9o6(}NDdD;A
zSO&+DE}0uQ*|UpS|4<ij%beDmHiZ`c<gBGyviM|2{jhZxAHf9TcDS!d$;~YMJ<O6a
zl=%FVXz|*AOF&PsGyf&vd#O(c94;Or?u~tn@OaM=IQNXI5IWl2WY3c-Ryawk46+q*
z(><-pHg)UGR)pVVhamTgLd_i4!}uk;yjZA`lB%py+SC0%mh4TDmn=G|Wh9A&M(0`j
z@>R2w)JVA7b!QTgf%yFS5a>dCxFX&y!k!h*G7s#3YgFns<G3HCk+MYVS@hw{r{$iA
z#0UhVB00{_Aq&O?-FPG%i!soMW456x8<vTVd1n6uPD)<+HkQSC5^LZ*bw)?H?SlIs
z#F^e05Q#fl{F^Hvh$%bR)7CwpF9X+SJ$53Jg%iRR21j*R@!x=M1vEeL!38--Fuo{8
zhye|Mcx4{T-{pqCCyvh`Qat!itSnAlm;whg_A2|oRO|hIvA56Y)V3Q8I?l{803Cf<
zAOSnxqtPn>hXG6imX)WRU6De<c!ySu^ZO$E;q51`bDD80OOY)|m@RD^U}`4bEGYC3
z1l@ng?+v?z{)9YG{C`W&J1!}_W5ncdc<wuYLzuODO(#y%6-pPb5~zW-wg%z~NHUe(
z_S;e%u&D<JyB-7Qwfy5jE)ATOZRYieO;~k<>Wj-xthMis-=ahK_GOI07f`ohPT9pl
z{Zi{&WgL(~7u!mco8Afz=gZCRpi+99U!4#@z6|p98I+JM?duwMK;JM&rp~E@eW+7^
zduUp>{UPG3G^~qjqoU6*91U!jR=@?lSKALj9oEF@+A7gqNAx}BXE8bDcyAmKe_QH>
zzEXH27o@Bui(REXa!#6&>l}O?6%!014qFigxR!VX3Ep7lL{NREmI)PA#vBevV)4Q?
z44Y7){p$i$ZK*fX*I{1nuU3|Mbtlw+8NNXpR9Bo=xPFV3*uu{J<iHxGPc_qoidv+#
z0K)qG=l?mxyuq<PspU1%cElfeFnLINsK|qU-_))(k4UC$jTJ_69n$vT9So|ZZ70aW
z&&>mw*P~SPJM<&laK(o<9ra~+RncG(>r6KzHaaOJD;YKtc4rO(x{`{lk9&E4iz>?D
zwnVo6rAvsyL4<>t@GXrWMtTFJvXs*JfA-M08w-xAV%r#K@xYDdl3Y3_spzxh)vQ@!
zFkAdw`5Oqm6Rd}pi<3Ao_6jm+<BUQdyX$WghLSqc+3w)zpjBQ>JXk#RQ+!*z$vC>7
zI)TCo>TXZMLs%jKl5t;Ke-yxfo6OEtl4ImKek$_UQv%zh0iYR0sh!CJh9n~5HQj;w
zo)u?ZjagO&Y0mF(iQhC`VD^Qvz}U?<B%RAeIaAzGB=HaAubi1o=+<-h@vJCr$seey
zxkKDLb+O@paREt%B-Io0@`(*#6?6Za;=VWx_}c`KnE8y%5_!d1>R)evfE&4;mv+`8
zJ72SwoL2MdTahekgmG7aj$hm`?sMLsC&?;uOMp?8NB57452sEKD2U@Z@=V8`t<GL*
zNxJ0a@9d=)+<gR`Jt8p-Wn^q!7A7u6xMt-O5li7Q#FS$)6uMenxSIe{6pAaSg>UKD
z$(iGu7{p;>k4kwhxbqbh*%pMPBoVoRx59+L%ujL17T42{lkfvn5RRl^e(W<N)Xbvf
zTs`@DU6Fese^rhS4(l)uKd>u_s(`8%^8|tf(5wlVcuRsX@N6!A@lL!BZ(vD!e=d#|
zvZ2})7`6Fzp!bx76G}kq4*tb!cmcRmt6sKh_q1Yh-rZhOBPnOsMukQG&C8|Jb4@__
zVyGGo;cSm0Ia4<c0kjbljR(`ckh3tcMCEqO&JkqYf2qHX!>zr{a5HN*==QH#A&5qs
zmujC&tRQgP=Va!DO2zRXEu%=`K(Uvgp;&B;AT+yI$e54oid_g`^r_}J>qeJ>bcV-U
z3;?P^uzn^?Xn}*RnQ1K{rY8|Qh5Hp1SPLeVA2n@n^5=_XS2Iu-=vQ>H#THZ?|4Xpu
za*PJnf2@YG!v}3`je{|aq-y_y#=QRoptHJg@YAr=j7}&st(J&ZoZ?tpys(2ASgZ;u
zR3~3CKQSp+V?n2){sE9@%a_AB1iM5*>t2B6-Dy2}K7W_g*+y5H6*2vCRRl4Eb|$?}
zliLUst<yGEKKl%@MA);XT1q3AfAJReIHzN1f0G^6bkXi`LZx=me+Ap57oc~$;rOQL
z9b`;>S_z`!Q;wg!b-?$(^ASI|W1)^eeqz%bmD@|Dq-)?vh!5Hl7g2aA2Ha74r^S5m
zQ654{v!i_9)uzVb1DwY#<L)XoRt7=<$vc73Nt&k5yiKkkzC%;r(5}!2k^U*{xi3<{
zf5Ugie1(K%5)O7ZlWY9C8?>*43jF$!0z3oeP6+W(X+L^-DI}VDeJKF3T*c4#^G0RV
zw*#3YS8Y_I+gh<``%+ZB%BwpoDUT(zWr}4}G_#0FJ@DA+*}=RQDHujKTvL-rVWPFk
zeBusxM!MD5-^Q;hDbLfWjknS%H7N;Ve<?xf`afVSMNQ2<qhM}FWgTA4YNQCCU839Q
zu;GLo^E`vhuXOT`u2MKbK(5o@P3ji=<#L(KGP@Po$H$RO{z`LFBGFkQGUm=D5sEN#
zshjzD4d8#?s}oEri6M~Y&LMPdNNCzdD7KOeZ7nYR-UJ84^qEjQ0j4b{FZvJye}TRp
zF&w+<YB3-kN41z3dAnh%kt3AuWBIv(o%BbfZ$R3)Htf5>(Sd&H`E4h0r^BKENV3CU
zMq-f&`5;QX+0GDTN)H$$70_0qh<Q4}NZczF)pOYiXbM;~TZ;?a%?Z9tgqnxnc(h2-
zpX-KYs8-SRX?9R<>8^E!Cu`G>e@M%_`XvHzJSwWqumJfZ{|a{Qta)Zrt%7k7!AxR#
ztP>Njv-&N&4pCMLs$uY#N?=;LMN0jAzRjR>!YjLr+|naTR_WN~X5^aFeJB&7eUPHz
zdnTr+IYVuV_yk0yNI_jOcc6PYO7^YiR&T03D}2FZ6Kg)To=xg8*J-uQe+Un`4l5ee
zuk(LlW8~>FQ0s_oB2aG#tL63>$c5e2)tERXK2)G`@L<VG4%q&-K#eLgm$F<}0b}t9
zb0Z&}MEj`?t_(GUz~4hUvBz9bn+kPx1s>8YCGgIeWSY*dJ<HCDeH`=@JrVfVh{e2o
zSL=<R897&NuL>U<1Cg&-f7RV>8`|qk=w3eu5*RhMwY{MaSyd&o>c>nc6Ao7o{|Cqr
zOzJkeVA^(@TGY0N&pn#`+L3EB7|j2Cm?jgsT&$3l!;k<aHn*)YrD>=Gh;!~{j&jyc
zer)ascVc=+W5?iU+pj`|fk0+(vN<s&Fe3&DDuzgg_YDCF6)_eB6%^}7BAR)TC^ClC
zJJM(#@8_OfIlhyC2^B7GEuSGZWqQ@;KDM=a-KkP&tpo*VM$fe{EiRsrM==Nl2s?i$
M>cyE;i~<4(050yhoB#j-

diff --git a/src/BenchmarksApps/TLS/Certificates/4096/testCert-4096.pfx b/src/BenchmarksApps/TLS/Certificates/4096/testCert-4096.pfx
index e03e6d5395f04b195385b112eed4ec73b097d07d..8c1c24b63de082e451bee48529e57391ef47f7fc 100644
GIT binary patch
literal 4163
zcmai1Ra6uT*JXwwh8#eKZibQ=7-=byj-gXRx@$<KLlC4dN=fG(NvR=~kPuKo7`j9n
z0fC|6^IQMF?tT0o&N^%F{cz61S^Jy=kA^4!0r>D}%2PtHzzg*kXXF4PKv6X11}K_x
z?GL>Kk0u!TS0XHmCg}J>wE_Wne^ULw3IJ~N4<I0i8^A^Xg=BDU5M+^bjNg`p-*rI^
zii-AIaRCB}@!({H#Q#?n2qwUTvk-!9U#J5d@j(Cq5X1*8CGIQPK)Z&Do5ft{f+C{{
z6ovB*nG%;j9l2pUn@xe67W<#1JT9o+r1Bgrm=wkdcp&uXc?D|cYlPR7@#pj4LY1i5
zF%pXA`W88IjF2nYH2vC#XLO)uVGMauW`}QHVGzu{Th!7k?e=TSxrF}>F2c~^>C|&(
z<mCqgYbn1S`bQaBE}>skilYZ242RCnL>nKQW~kdA#<zLv*Wsq+l;6MsHUI;3S4$iv
zor!VI&hzB2_ZNAOJ~i42c<f!hW(h^6VVh*h674_EQ)D?PNj~~{^VKE&$Ll0Qd!v&q
zzDsc$jK*}}L$J8l`#~Q<?Ym7_uzebQ^zt=ohyVrss?CIX;CAPcvQkFGmpMF3q95p=
znP<o**56QPJ7aU3rtLqtf0J)aucMhxLn#A8msJf%vKOfL^eXo!jjTEIICF4Wmu{X6
z!vf_dy<KrsKKUnFe~B+4*)o5J<D2noYsRx!DTSM}(Wy5L)o>r4*dX2p_T#RnE(325
zsx1}o1a0`3!o)slFJ8S|nz7}JZTo(U4L@jj1x$x#?<WfgsrxC2H3mV-T4GKOCCXOm
zEsUcaprz(}huER}74A3(N}nC~KBnr|>cJi&{_?$`87}A?`=W}@vesZO>GSc1R}HIu
zjQ5|$NB(NK>(8!c`z$-^F1<C$_>HOi2C97bv5>!5t|&40H|(hp`T-A+*|gX*tZuoR
zWP6y*t41{vwR7)Y>f+;8Go|uNwJ_;*BTe7Zc>aoBpF!yeUO@+R*Z8!AWF6^%8ikf?
zNWwOsqu3V%y3Mz8iKBfOtU#?^R#XT5Q~ssdR$n)SrLX+O%HJFOH7#t(+`pJZKN2-x
zZ7_fCuKdL3DTddr;26-jNYpZC;@p45eu?_|XdtaTX`9!@SDm7E4Uso*a5!uFmKwhw
zky>EmeQ@UiWwzeC2H!1B5A!Fa?}~0Sk1E(Z1u;}+cq`6%e#WX^dU%GtsH)oGj%N>m
zF+RJmW@dD>wU_?p+Ujc-fk^dwyYJ1%mnod29-S44scfR;K?VjhIQ6!{!o;;DdY0H<
zOB{_IY=J=CBF~4dw2MZEe~~EWF7yQ|d@IU3l{NC#6R&|(Nryxn@a;b7y5~I#4fCTJ
z-q4M(+Xu-onIvonZ&jwccjCfyY69ktSKd?-+Kz2hW@5eY$Q#c@mr9tch4QKQJmoC7
z-s|c~n`oEwe6Y#^I|Yb5F3{mha?qDdc-TF5e*%1QZObRnLcUgtk=ZSQdb7-8W1H$T
zXP-^4Eu7gG5Gq<T^V?#I5D|bz#^PPez$tcDll@1B7rf(XXrCxOlTH7f%^?r1ep4^f
z4XdwVJmqtZfU*MndJ7Ip#E_3dQ~70VYPFB<K$^HCh^;&Z<QYiW9Llk3HuE5gDs&fS
zisFjE*nH#-rW)=m$=mqyVGz=kHD`Vzuw`~P&(z-1qFBSA?N@XuL)K>vZ4f!`b9h{0
z*3inkVy^K;a{sD?s-FVPsVl~A3<~--Bb+0M|2AAo>VXnZHBVWogpYC7Vd4YeAm^sK
zSO1AOik1OOIb4qC^G&(DsX$GCP=n1%(&YUEaXa$89|o28LW8Nk^U-AUa{(!+g%xdV
zH&W+sTN;0I%pFvHB@+)YH!F`;akzA0|NOauoKtmYj(w+uO~IT{Z_cM!e@SX{(B&_`
zK<I+NGWT@Jii)J%z@-6hXi^F{Wdbl0fO{MfCk9){UEs5vl(`xrRFe77WfLT56>2Gq
zc1UTlNHB1KKvCxXTtbpSA5_acEeriJZAinb;e+`sv1vlLTn!TTcNFkk&KVv}LiUd@
z|JUfjH=t<n1w0yj`X`PEN&kNbkdXj@e?-h5viW}*yM?u{b4kw*qVy0h_*5hi_dkt2
z#D8S-rbqON#o=y52-^_lpAPh9RAOW)nsc4n4aVYYlw*Zk*&@q?*t~^_Kw?*~#Oijf
zijO!0fZ!!misD;v^x#Q;yXDfr>O_u+()UHQjcC1&II*6;)y$gx2xDK(=~HP<o+*vJ
z9oJk^oX*Ym!m<p4J0z5u#ubpe;%o`}z-^|cMSsRBm24-Me&nkb7|dn?-=gz+)d1{$
zqg#kCqzWI%cJZ^2xK8A^*oXrYGg6x)g{O}{hEM9gue5m`XgSTlF4S?1_SAsaOlBZ=
z@i<a3cppUzm3US4?79HiSmEwK>7XX5B7URJdn-{n>@~B<MLd#E&G~sw_)FC&GjDm3
z8gDl3UPlSi_)6`+cWAPLRB1<BoM~%EyeW-}*<pX1f&{UQfxR}nr-{xGZI!uo!$9!&
zA^Ef``?@9aV52v&p~K$1{um+2zzNUTKGyv9RDvz%S657B#3uqj`CI*jLP&g^JZM90
zUT(X^V8=nH&QN&9IPC*CaUi&j(lT2hNh5}Dt3;gua{_2Wr<On2D%jGpq^TpLg@l4y
zJm2mJTHxkcN?2~@g;`+wZ6feqx{4+moYLr$qx`U7)$Q@D`kRh4&5WCa0xigKRfvu1
zr@sPXcX0jd+)BQpvZ>EjuVd4ch2i?gjCaFv?qGPXLSMpa^+7CAqYE{jH@kb}<C*LG
zBKe&T*aR3!U+{g7Cq$k~2JFRD<ViGLTH&u9G#)u@WybKfA1XR?he}dr9EXvO`sSGu
z$hxk|Cu+OjV1KB%R9+Y85iDcAy$^6-$NoGnY}FH&q@H@57(ad~cI*9U%O`O>4i-*n
za`e8(PL&}j=?-)K<80hEvFcZHWwU?HFwogYY(|<>qiKh|A(V&(j{v0`3?gBC+m^v&
zrjhG6$!QiVjQg$2?f4lrOBjh;u|N+HHFEVWp6e$1jmBf+=z6%ne5WT1YgJqBO}tXB
zkkIi(POTIt9`@otJ5RCM{WHwOA=9r2pZ})O%S-$?@WQvPY@h@z<V9Tpq0W5n(}s%U
zoV0>h;UCS-<^6=PjULJ_-x(D3s2jjElbl8d@<K5uQ48XO+7(k$TMWpdhZ`N8@GyN;
zoawUbi5Ahd<?lOr&YuHP#zVyfFZ@aS_s_hheS~~I7}MSTdS-esa3OC(z8~oCal1i0
zkXciUbHm#kfl;J$`c!Ux^U|Cu3F2v|>Kmra;x9nuvyS3w7dX1zrKh<&8Kjja#ucEo
zl3AUgIPw6u->`S8OYe9CL|>2SgiajSUcKa}(4?t~x2P=sk$Ph^*EA?kj!*gMVO#Tu
zNY6%A>6E(YG8J-o&O|QagrRP-7^v0IU|SXgLV?%UPuOg)u9J<i0hY1}P+#V7f^3H=
zYa&YMc~<z|W@*<U;ZoJRsoHY<SbwT;wE0@e+^R24%TLR!#YxX4GAY_;a|*})H^vCv
z1xojquHX9o4~`4Nl19MRC{1Fpd7WNTpv<y=^!?VGH`#wD#$2RSc~=`VMzl_6e+5`P
zP2b((IJC#icU@#kmbbGi8YI6!f2bRQXh0N(z=m8>BA>fb3>dHS^erT;qNGqfNd&EB
zA)+WPuDxUPj^bxk)SUd$znpZhPeFw}Ky}2OMidK{gaUS>9&YVeA`&y*#_(N+r98jv
z7Ywm}oUYGRU)uyboxp^e<we`Ah@`T@^^%eCPd%I-BdUsNqb%{WelK^sjrz$JDa-DO
zBat--=Xa{rrlmLVXDSA350hL6`b2eiGzgq>a=K-(3Vp8l2$oJeV@IAu_UFDkr-)!&
zAd%Nh$HhX~Z6%lV^tSq17SkXJXKqpH44&BL5?|>U8DZ}7{Md|WfT71}U!-*C0w6O+
zA@f=rZ|t7TUo=`~a{~VJX%fY?vPs@W%z8@H*=-fj_0vX=!m}I!<l^zKjWfZ@i3&r3
zJ#`^gW93&u$SzIZWvMfqCbwi5Emt_xe2l4FMg{4UW}J0V-nt0`E8X+QBMm>@(p_TM
z>s<_r&;3)c;yqEg#<YDNmF<n4BQUOWxtSU7W`;)f+{d3sfwl}TsWnEvZo?($(I6U^
zeR|~IYGpLKy3bPmevbHxqor}2WNUKkz>p>6?CPCShJv7NF2(U&1M9oIAMhu%?N@aS
z393(HlvFXAB&X#UV&qaENmoBbolc)W#wYWxh}R)@`aZCkwO}){Qg6QKK;=T}t9rQ+
z>(yAfk<c3eI$6jLYSx}S!dd9jgm+4H^OUkP93CL;b0@yrMZBP?p2bTD5d!i_4%S~{
z%?!{?e3r;KyA;wmD_$4gg+(@9ok3=78JF2xRjtBtbE*xCm=NTc@-HFFzZE|H=<`KI
zpxNYWxXG#3ElD3)r<rLPz18J1(3}(l1)d*BkbRyfy=1zG40b)@+$`Qso!B=dPjrEF
zAQ339;*mO`36#5Q=VWdb)H1jF-N~8i*fQ5{{vDb+ex=ALz0n*CG^u+oUS|;^MUex$
z{ej58_|XI93OX{hrUM4-5vccc@hYUa5Q==$1KTi=kkRL{0RR}qU*F5T<U<URF04PZ
zcYiRJbQM^U=c&503`p+j)FJmI6?+1v#%huBVylii(%H;mVh?$^f^Bbior_*o;<-KD
z|7~8%#BoF`bGh_Rji`_`pKrmeUF04fkm0c~gRZ+mW|ingiqE(HC6#5Op>8`Gb*h<(
zOpI>JDbfq64dWN($GsHl`AOL8Bu;+}L!R2_87LywKK@#r&y$s^H!G6{C-=J`_c<V8
z<JKLHBjN*})7+o5>vlYej(%@g#HiFa=S~h6NXcwjwt<sGy~#&b`s@@!4I8#29=1Oe
ze6aJf>(!7NpTo1&ucry+(RuFLgu)%`@&cjdkHsM=Hw?q+za7<#ogp{og7G(}Z|p9n
z1w`6XFm`wG!Kb$d$rn943@4Z;AJn$!Il>H~=k+e6ZN<J;^(Hr<I8pYscy>MI@1=PU
zEZGlhrAK$^N%sM93<2OK|CR|r4!ulI^et~anwIw}^_^M}h4b`?hcuH6Tz0J*p`F?$
zwz<#8Q22ns8vSn2Cbv=>AikW@)(h05EOe3GWnl;Ev&MVn_Gd%!T`o5G21^ox`lBGy
zCy=Tyac?q;>Qn6^k6y7l@T|Ml`AN>3taZ`ndC1&~HYp7|Hzwu0^R|_HB&Xrlx$iVZ
zANj>weTfAi3WIa~bLfF-MWLX3C9=WF_;e#rxFpnw51EEngH$%}!Ij{maPoiNZXkdF
z55!(%fm|-%KhSGQ?}Bz#G|%5D6I&-@weP2)hqK>2iMa(4dmRncvm#^P|M%4U4>!%O
ARR910

literal 4045
zcmY+GXD}R$x5o8ec6AXEb=9?^#}d6utlp!9AVP@fEXxw2_g<nUI&YNdHF^ob>LrM>
z(OG@3cjn&vzxTtLGxI!i&bQ|`4+KFyh=+?0K~TpLk@APDhhr#liE;B0)WHM@>VSLM
z2ZA81{*OhJk08vym$LD2aqd^je;i!MLn5;O{y>3C1fe1z!9d+EC>)(5@bE}*f)Rv{
zhPL}DN(n>}TzvJ#o#)E_-l?~z({yD5VKjo=)HU^+G(VQfx5iZylmN=2$wo50{O6IB
zlH&~>zc#V6W!lV=ygV()Z=MS*9O1pgVQ+-Nk9WEx6J(?X{(cwLC1l9$u45m1P`?xH
z>tdI>(JbgB_$5C+2w90_l5O9qDdTY6lia_Eu(feS1sc6W5INFziS<3mQt_d3P`X(w
z8VC-q6yRV<FEVB<m6UJ-T^?41lt`vyU299T{uv|-)X&|(`K$IBS^UV3#jRH-Uo>VS
zIe@c{Y3F#@&AIY7I^b;&w$Y}jfaY@bcJ>)l1&M`zBzyrON@Xv<b!764AUps)+dI`~
zlJdQfP;~mZW|m-&)D~J3)G}kjWH74umB*1Km~)uKw*@0%%f(1*Y}_v}Zg>^|^uPm1
z^cUk7+a&P%mw$Y}e=hKh%}3s2HEuF(;eEo*3vysy<|(_LhqdM(eN4{l^=_IQZqdH{
zehJxw9HTAU=v(tIC9n5h*`)GCW7UWmY)ECes(a|&UZALoA8UyYoYFTQ>(t$jz9j<G
zQl3<fVrQ~VFy1GV<iJR|++z|-G`}oULsEs(t?`k}3w~lzy<)G3Wnn_*1OOwPQst#L
zS?BT-)9T`hcA>KK$<DYCj@CX|A`|7)I<1TGNM2IXrb`nX#vr*rnWtJA&#zx{Qe>Dt
z#DqbcO|uy%Spg;4hcQ_B?dYBp02AvLaY?<9mwki~iDByt*&2Aez+Pbs7Xg#wu97Q$
zLLhLg8HC%HV<g7}dR+Dmyv<?$QmfSdNSjWiGckxC*W@pmb#yOYszBuz3xMFE*k<Ey
z6jkKcYmI~STl5h!1wwh|I^dRo$fLToga&HAQ-iH36yO1Vil#k9z8`UfXwWMvJd~qJ
zp>2Q6m*-HWp0)&d_@;|*gtMMR(pJZu<9*CuV*DGs$ff1CFpW;HB?G1=yO9yA44}rG
z$qBZJL$^S9mmyxcsx>~)cHA(IAP$f_m=vInUjqJ?3O8xW`)hXAi(Sun#%&$cM_CrM
z8fPsd7$IdafqJ=zh3ff*PXhC*t9H0+fG;Lp-jKX_G8qwftpx9W#<otw#u*s@b&Z>v
zP;ustnDsI_zHNfi$JZh@=+$Yef1N8Py>ws_KsF_x-v#Zst;;+V>z2`BZ#=1t4;J9X
zwhp~klLD2l3V!wDO)<h3@U$4|iywmHXGt3!6FxdBl;xP?e5`H8Rl}9%va%!tRSxEp
zG|?a4QHQUmm{P0++ziZi2ezWw_ojS2icmtTjZHj2%K07#d#G`le<d&D;cb|EuP1Ej
zO0|*l(S?$R1LNDxBl=M{SM8Z@!x1a6(Ae+=ce;`%o2Co_wG#x~o7!8`5mkKyZuFiJ
zce(`?t8m*{dW-zY+6q{<K57Uo@l4+_mn=P<YpsMBLx$PRs|jXQg9sO2>sZ*dS#bAZ
z2x{zyK<%hknC$d&$(pCG#qk%fxV#Kv^DL&lYcCKh<jl4!8+}DGq5f>D+pyWL@CAgS
z@>i1rmtU_lZc1@7<$wryt@tHdFcBhaQfmMr>h@FE@Hob~tG*J?eU0kLt4~nx9N2nh
z3~|taYwN|MLcVe@z38g-C~kcgLCppnwW*zJPo~DFN`=Wc4Mi7Pv`=GD2n)%%NbO8T
zc-N2B1V-=y<PyHhI0&-2mX<}%TM`cZ5FnYej<h}q7H9OXX1^1lUeR)}Z{^LHl7_Tv
zR^`lYn=5pmT02B*yk`n~SgyuhrEFjqhR@KEip4m(cvUXAE&A|6JL!m_ru=XV%J>7G
zF>GN(8t5vdD%x(*Xg+F3d^fODx1i{lC<^t%&Jcni?fO4p&PR~e5g<sb?&Y%kDIp^N
zA54?s;@z9B_oDOvqc{G)^bSvRAnMJL75|ss_vh*cni{(=1|&dYO)r7x7f@wsvouoi
zh~VW=d)%WsZQPg#Qe3B6X|mJr*TR+xW&2C3cgsHh@IosZS1ZyIc*J&Cc|8@AX}rAJ
zRDYBxUvfO_x<wIa@z@zJmNt~x_4V7J?cNSQbs3ipaA(@@*?dM(?&&*U$$-4oF6k_V
z&a)IBLrl*qUT9OpW|XGDjFICLWJy?3srSgCf0Jc{6a#e3PV#BU0$Zv-*zd5wW%)#r
zl!;@zFO6^(BVFF}L`~Vt7fk-i-+5N4XVazuS=}U%s%>&RdngPsFi09bZX>&+_1h9#
zR!ogk0(2YOj<b@A-{*&`F!Y9%*z9U52smlmC-bgv(QJGz;7MQuVLGnYFXKGdD!Tri
zkXWBVm=9r&w1wD?@nmD83Oi?iE@6|IxAgL#2A4DV7f;{;+xl==W&uz-%0GMBIW_*$
z5E<i?Zd{UV6{6~V-aJ{jo8@Qn=n_q*0~bnF+b%X#VM<K$=X0%@Q~r2Ctn20};OlsD
z<$dvtT}6*ecs-NfWyNHTMJ3A7IK^~?5Qsle?>juWDOLJBk@<k42-EU`hp)R11Vb*n
zY~nUK<X42C1vywS!~P<NDKZ=7&)1_xT5=?Msuwzm;m@z|R=#h98Rg+pKTI0ileE_{
z1(A|3;h7!R1UdT!W-@uu?4_@?(YP9Ij0W|O%r27jR$jPOdK&Cm?Ge>TJ&ecebkE)F
zZ}K;i)~?&E4ty6tQ{?VmY-ft|Nuf4S5SD1GI;M_SKTIt-w;TdoI*V|(Zt=aC{C=>u
z+3C6P5|M1{T}4+Q77{!%-_-`zp3%!vB`!zY?SxfMd@|YxUOVaiHPi*ZrBA9Ezl>zO
z%*~-@-ISH$m2amyiDKWX@t@f-(F`vcnr%#p6nX{8F!*Se3f3uxp0NcLc^Ei{eK-tC
z8V9e;^xU>j&0Ry0N4scQ7G#^s%%wU|mh6gx<V;D50=qOXVwC8YSgR{8mZ!Yy38m_?
zkbPtI2|tcD>8?phg?D93dA%pip_68Pjr5OIxkJK-NK$vy_h`G;c*-1+#9b!L$VZ58
zJ<T7z*y72}DU9PWoFVH+mztlp<0;3M`5`;iagaOcW%o0FG~eNXy>0-^`yEMw38lm0
zSfO_o)cR*j{K{6W!}kEe+qJNoyl@7zXiFShZ_z))p#t==y2HtHxG@t}W0UP?wH-4k
z$~cyQ{Rh*E24%VK-k%w5UCnLbZqJjdck-UX!i+gJS#4tkL+ZVq%(IR}wJX+vrzC<D
z;G<9tD*1VEl`)km?WsEGcnYsG%koU2v<cdV=1eF+bH`@Y^oqP2T{YwqEGgywTyHv!
zpCj>I_6wKRxL44-r@NRcQ0#dgc})%#^Vke6G;CabXnsw)sMxklaYz}Pjr`lfMws$b
zgL9*P(``H16~N)g<1oj-gR~3Ac{%?RISpTQacS26R4b#yn!nLg<s?7Ae{DpSUv;Ej
zeL(QlxU76i2{Doskom!_t9ALW?wWxIr<>5#PW=(>uDK@jIK)M`oD1f&?d(2d)o=7B
z3s$rG=7;Fm{Nr_?*Tz(b5+Ruw$?T{Y@s`2aH$KyGQMtw<{lJsCU<cS5B@(C5^IQI0
z&%AXndi0iKBaC0-pTzKAg2N#|ahS{v*T6C^OBVN9MyH?^rr8B{L2uwSN*a+wznE!!
zX3=cBpAHUyInZroMG{bt%P%EC9*<Oo?+gy=66r-Kd}#xk9CxFtR}l5p;ZYS6zl^Cx
zR&r|vThipBaF7TJrgKBCTP{>*A}4=KCiFN`PmbrhU3b7#B}d~2z0=aD*b9o77&PIE
zf$9(-^LvxtSI$4gmo{MX87=L6(JIdkeFjPmaHEO%HyqqAb<2#+I-DLRleGpHJ-uyP
zyzF;|Ai!_X?Lr1>+%o<f-t5)ZMYNR({O~1knySPno6b5Gqpu^&fu2`uYI@(R{|0}}
z^{$&1?MsWw1&zd~`7=@<8qJh=mtUQ4u0Xw_D>^z-GoDae=0B>1CGrwc{h`geLy=(|
zupWgO1ZwL(q?2N%1v};z0@24>p9c%`0Kf)Xo6qvic9+?1k|$*RfrWT>x*_zTgE>6Y
z%EqXlZE?LDJQ7u(!v^e6*T0q!bfY@Bz?Od5AB?|E^h-2smQ!u*><=BrXx28)tqXNb
z);1hJ$Cfa2!8D>}fcqe8BWr~fKwv!6KjcJrE>Y@fvh(zNTtZkla9$?=FuiUel=;wA
zXJsJzP=X-xqqQQQKd4GoL#9HH{dXI11sfm~QW?$=gSOi5en)P(xu7V|GmqC#RedmZ
zcRF?8QMQj7ew;Z#0Ggcqun#QVUW;f4qN;fi5|{Q$_|#u{mkdx$CwuGbmAO|I$V7sJ
zURu@~BS_GuH_saCk1#8%LI&T|NL0DRlA@f`=5@p{u>`;3_XpX?&!)M=N)k#;>jIEg
zVMOwVV?Vy(cKNZmepxZTYW(L%1?=N@>H@Z&w_leNlRM_K9jpdU=~5V%bftR&cPpBO
zan5@p2<7IHaW0Avl~xa)x%9{>dphO6U2H=y0FGvbsl_$~H-LN1XXNOK(MM7#twYi$
z7*%2462thohyWYQ*#_-Eb>>WjX8Ofo7d7+qAr#Gi&8jK!m?(!*Keyks-oWKN?Rm(J
z$<3Kc`}syFSdY>$d<{LgAlCP4ks|W1;>qx;&!@A9%b#nZW4~_%+7v3_`GFtJVg3w$
zLfUQsMF!k+@I+m)gXQnO#u3ngOr&&TwJ^+H>YsJH>w`Hi$F5mo^?24!=!t0wCu)?=
zul`-+3el@8#tPV~FZ{~*sQ+aV%otH>W{!8-koie?42KiARF?IC{HZ-!rAQ$ITY$f<
zm#AmvKKBUs!=+yiUlDcmBW%%#MDH)Mu9LH{-`lMAQt?b~r`daQ%I8R~f}ZCjrnA^U
z+~l5InVG`}yD$<rmBX@~oNOO}XEYjh`B0z7g3Roc7o0p$HgcbwEI^MOiJ0mv9e3ua
zDhHAV&}YdeuN+pivHKQT<hD@nf36u!%R<r;;nO$v1=HYFc+>K0s?bRM>DA`pmf6a1
zDtB%MYfs#YocWAYZ4hzi6P87*A4SWBqx39s{Jf(R&x?C?l?3$`y;&C;Pn^vintg5I
zUYN!wh~Ze*SL`C(5YGQ?XQcEZ3<Pw}ywA!?u{Sh1$J(8L^nl_0iMGrT5ePekl!#D(
t3LozQAr1lE6W#UKOCTt@KigwXn?pk{oIb1jmX=R;Di4g%#Q(RY{TIa_xdi|K


From a6701a16e984c8291e4669196d5a84e10be46ef7 Mon Sep 17 00:00:00 2001
From: Dmitrii Korolev <dmkorolev@microsoft.com>
Date: Thu, 3 Apr 2025 12:08:28 +0200
Subject: [PATCH 30/32] pass the parameter

---
 scenarios/tls.benchmarks.yml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/scenarios/tls.benchmarks.yml b/scenarios/tls.benchmarks.yml
index 58dd1e510..2fb2b8f16 100644
--- a/scenarios/tls.benchmarks.yml
+++ b/scenarios/tls.benchmarks.yml
@@ -19,11 +19,11 @@ jobs:
       # behavioral settings
       mTLS: false # enables settings on http.sys to negotiate client cert on connections
       tlsRenegotiation: false # enables client cert validation
+      certPublicKeyLength: 2048 # controls cert with such a length is used for the test
       # debug settings
       certValidationConsoleEnabled: false
       statsEnabled: false
       logRequestDetails: false
-      certPublicKeyLength: 2048
     arguments: "--urls https://{{serverAddress}}:{{serverPort}} --mTLS {{mTLS}} --certValidationConsoleEnabled {{certValidationConsoleEnabled}} --statsEnabled {{statsEnabled}} --tlsRenegotiation {{tlsRenegotiation}} --logRequestDetails {{logRequestDetails}} --certPublicKeyLength {{certPublicKeyLength}}"
 
   kestrelServer:
@@ -37,11 +37,12 @@ jobs:
       mTLS: false
       tlsRenegotiation: false
       tlsProtocols: "tls12,tls13"
+      certPublicKeyLength: 2048 # controls cert with such a length is used for the test
       # debug settings
       certValidationConsoleEnabled: false
       statsEnabled: false
       logRequestDetails: false
-    arguments: "--urls https://{{serverAddress}}:{{serverPort}} --mTLS {{mTLS}} --certValidationConsoleEnabled {{certValidationConsoleEnabled}} --tlsProtocols {{tlsProtocols}} --statsEnabled {{statsEnabled}} --tlsRenegotiation {{tlsRenegotiation}} --logRequestDetails {{logRequestDetails}}"
+    arguments: "--urls https://{{serverAddress}}:{{serverPort}} --mTLS {{mTLS}} --certValidationConsoleEnabled {{certValidationConsoleEnabled}} --tlsProtocols {{tlsProtocols}} --statsEnabled {{statsEnabled}} --tlsRenegotiation {{tlsRenegotiation}} --logRequestDetails {{logRequestDetails}} --certPublicKeyLength {{certPublicKeyLength}}"
 
   dockerLinuxKestrelServer:
     sources:

From c6615a1adf3970c5c6c001914ccf2c194e84bf90 Mon Sep 17 00:00:00 2001
From: Dmitrii Korolev <dmkorolev@microsoft.com>
Date: Thu, 3 Apr 2025 13:02:14 +0200
Subject: [PATCH 31/32] prepare reset

---
 .../TLS/HttpSys/NetSh/NetshConfigurator.cs    | 21 +++++++++++++------
 src/BenchmarksApps/TLS/HttpSys/Program.cs     |  5 ++++-
 2 files changed, 19 insertions(+), 7 deletions(-)

diff --git a/src/BenchmarksApps/TLS/HttpSys/NetSh/NetshConfigurator.cs b/src/BenchmarksApps/TLS/HttpSys/NetSh/NetshConfigurator.cs
index 797ed791d..172f50986 100644
--- a/src/BenchmarksApps/TLS/HttpSys/NetSh/NetshConfigurator.cs
+++ b/src/BenchmarksApps/TLS/HttpSys/NetSh/NetshConfigurator.cs
@@ -5,6 +5,8 @@ public static class NetshConfigurator
         private static readonly NetShWrapper _netshWrapper = new();
         private static string _certThumbprint;
 
+        private static string _resetCertThumbprint;
+
         public static SslCertBinding PreConfigureNetsh(
             string httpsIpPort,
             int certPublicKeyLength = 2048,
@@ -43,22 +45,29 @@ public static SslCertBinding PreConfigureNetsh(
         public static void LogCurrentSslCertBinding(string httpsIpPort)
             => _netshWrapper.LogSslCertBinding(httpsIpPort);
 
-        public static void ResetNetshConfiguration(
-            string httpsIpPort,
-            int certPublicKeyLength = 4096)
+        public static void PrepareResetNetsh(string httpsIpPort, int certPublicKeyLength = 4096)
+        {
+            if (!_netshWrapper.TrySelfSignCertificate(httpsIpPort, certPublicKeyLength, out _resetCertThumbprint))
+            {
+                throw new ApplicationException($"Failed to self-sign a cert for '{httpsIpPort}'.");
+            }
+        }
+
+        public static void ResetNetshConfiguration(string httpsIpPort)
         {
             // delete cert binding and cert itself. We want it to be as clean and deterministic as possible (even if more actions are performed)
             _netshWrapper.DeleteBindingIfExists(httpsIpPort);
             SslCertificatesConfigurator.RemoveCertificate(_certThumbprint);
 
-            if (!_netshWrapper.TrySelfSignCertificate(httpsIpPort, certPublicKeyLength, out _certThumbprint))
+            if (string.IsNullOrEmpty(_resetCertThumbprint))
             {
-                throw new ApplicationException($"Failed to self-sign a cert for '{httpsIpPort}'.");
+                throw new ApplicationException($"Reset certificate is not prepared for '{httpsIpPort}'.");
             }
 
+            // reset certificate was prepared in advance - just bind it at this moment
             _netshWrapper.AddCertBinding(
                 httpsIpPort,
-                _certThumbprint,
+                _resetCertThumbprint,
                 disablesessionid: NetShFlag.NotSet,
                 enablesessionticket: NetShFlag.NotSet,
                 clientCertNegotiation: NetShFlag.NotSet);
diff --git a/src/BenchmarksApps/TLS/HttpSys/Program.cs b/src/BenchmarksApps/TLS/HttpSys/Program.cs
index 580bd6a19..ad2007b1a 100644
--- a/src/BenchmarksApps/TLS/HttpSys/Program.cs
+++ b/src/BenchmarksApps/TLS/HttpSys/Program.cs
@@ -29,6 +29,9 @@
     disablesessionid: NetShFlag.Enable,
     enableSessionTicket: NetShFlag.Disabled);
 
+// because app shutdown is on a timeout, we need to prepare the reset (pre-generate certificate)
+NetshConfigurator.PrepareResetNetsh(httpsIpPort, certPublicKeyLength: 4096);
+
 #pragma warning disable CA1416 // Can be launched only on Windows (HttpSys)
 builder.WebHost.UseHttpSys(options =>
 {
@@ -137,5 +140,5 @@
 Console.WriteLine("Application stopped.");
 
 Console.WriteLine("Starting netsh rollback configuration...");
-NetshConfigurator.ResetNetshConfiguration(httpsIpPort, certPublicKeyLength: 4096); // a default value
+NetshConfigurator.ResetNetshConfiguration(httpsIpPort);
 Console.WriteLine($"Reset netsh (ipport={httpsIpPort}) completed.");
\ No newline at end of file

From 9212997cbd985ab7f18574b37733b7404646b8e4 Mon Sep 17 00:00:00 2001
From: Dmitrii Korolev <dmkorolev@microsoft.com>
Date: Thu, 3 Apr 2025 13:13:15 +0200
Subject: [PATCH 32/32] fill in cred scan

---
 .config/CredScanSuppressions.json | 20 ++++++++++++++++++--
 1 file changed, 18 insertions(+), 2 deletions(-)

diff --git a/.config/CredScanSuppressions.json b/.config/CredScanSuppressions.json
index c384837b3..6afbaced4 100644
--- a/.config/CredScanSuppressions.json
+++ b/.config/CredScanSuppressions.json
@@ -18,11 +18,27 @@
       "_justification": "Legitimate development X.509 Certificate Private Key"
     },
     {
-      "file": "src/BenchmarksApps/TLS/HttpSys/testCert.pfx",
+      "file": "src/BenchmarksApps/TLS/Certificates/2048/testCert-2048.pfx",
       "_justification": "Legitimate development X.509 Certificate Private Key"
     },
     {
-      "file": "src/BenchmarksApps/TLS/Kestrel/testCert.pfx",
+      "file": "src/BenchmarksApps/TLS/Certificates/2048/cert.pem",
+      "_justification": "Legitimate development X.509 Certificate Private Key"
+    },
+    {
+      "file": "src/BenchmarksApps/TLS/Certificates/2048/key.pem",
+      "_justification": "Legitimate development X.509 Certificate Private Key"
+    },
+    {
+      "file": "src/BenchmarksApps/TLS/Certificates/4096/testCert-4096.pfx",
+      "_justification": "Legitimate development X.509 Certificate Private Key"
+    },
+    {
+      "file": "src/BenchmarksApps/TLS/Certificates/4096/cert.pem",
+      "_justification": "Legitimate development X.509 Certificate Private Key"
+    },
+    {
+      "file": "src/BenchmarksApps/TLS/Certificates/4096/key.pem",
       "_justification": "Legitimate development X.509 Certificate Private Key"
     },
     {