Net::HTTP initializes openssl library after TCP connection is established
When making an HTTPS connection, the Net::HTTP#connect method makes the following calls:
Here is a link to the 2.1.0 version, though the basic sequence is the same in trunk and as far back as 1.8.7, possibly earlier.
The problem is that between step 1 and 3, the server must keep the TCP socket open while the SSL client calls OpenSSL:SSL::SSLContext.new. The first time this code path is taken, step 2 has the side effect of initializing the OpenSSL library. This can take a non-trivial amount of time, and is made worse when several clients start at the same time.
I would suggest that the order of operations be switched to:
I've attached a patch that shows this. It is based off of trunk.