Uploaded image for project: 'MariaDB Connector/J'
  1. MariaDB Connector/J
  2. CONJ-1223

SslContext creation caching

    XMLWordPrintable

Details

    • New Feature
    • Status: Closed (View Workflow)
    • Major
    • Resolution: Fixed
    • None
    • 3.5.9
    • SSL
    • None

    Description

      SSL setup is rebuilt on every connection, and this is very costly when creating SSL connection.
      Loading the trust store and key store (parsing PEM/PKCS12 and building the trust/key managers) is the costly part of opening an SSL connection, and it is repeated for each new SSL connection.
      Goal is to cache the parsed trust and key managers and reuse them across connections, SSL socket factory will still be created fresh per connection on purpose, so no TLS session is shared between connections (no resumptions).

      (cache key includes the SSL configuration plus a trust file check (last-modified + size), so replacing a store file on disk remove cache).

      Attachments

        Activity

          People

            diego dupin Diego Dupin
            diego dupin Diego Dupin
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Git Integration

                Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.