John,
On 3/31/22 10:50, John Dale (DB2DOM) wrote:
Hi Chris;
I'm measuring the time taken to process a request as reported by
inspector-network in brave.
SSL time to process through tomcat is 11ms.
Same request for a smaller file using a java SSL socket is taking 50ms
.. like this:
public sta
Hi Chris;
I'm measuring the time taken to process a request as reported by
inspector-network in brave.
SSL time to process through tomcat is 11ms.
Same request for a smaller file using a java SSL socket is taking 50ms
.. like this:
public static SSLServerSocket getServerSocketWithCert(int port,
John,
On 3/26/22 22:29, John Dale (DB2DOM) wrote:
Can you help me understand why Tomcat's SSL handling is so much faster
than hand rolling it on a regular socket?
I think you'll need to define some terms.
For example, what do you mean when you say "faster", and how are you
measuring that?
___
>From: Caldarale, Charles R [chuck.caldar...@unisys.com]
>Subject: RE: Question about SSL
>
> In windows, the service account shows up as: .\tomcat_user
> I have that service set to start manually.
>If you used the tomcat6w.exe program to
> From: Leo Donahue - PLANDEVX [mailto:leodona...@mail.maricopa.gov]
> Subject: RE: Question about SSL
>
> In windows, the service account shows up as: .\tomcat_user
> I have that service set to start manually.
If you used the tomcat6w.exe program to set the service's logo
> From: Christopher Schultz [mailto:ch...@christopherschultz.net]
> Subject: Re: Question about SSL
>
> Could you provide a reference for this? I'd like to read more about
> MSIE and SSL problems.
http://www-01.ibm.com/support/docview.wss?uid=swg1PK37731
http://www.servlets
> From: Caldarale, Charles R [mailto:chuck.caldar...@unisys.com]
> Subject: RE: Question about SSL
>
> keytool -genkey -alias tomcat -keyalg RSA -keystore "C:\Documents and
> Settings\tomcat_user\.keystore"
> Is Tomcat actually running under the tomcat_user account?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chuck,
On 2/24/2010 5:00 PM, Caldarale, Charles R wrote:
>> From: Propes, Barry L [mailto:barry.l.pro...@citi.com]
>> Subject: RE: Question about SSL
>>
>> I feel his pain. We're still on IE6. : (
>
> Also note
> From: Leo Donahue - PLANDEVX [mailto:leodona...@mail.maricopa.gov]
> Subject: RE: Question about SSL
>
> keytool -genkey -alias tomcat -keyalg RSA -keystore "C:\Documents and
> Settings\tomcat_user\.keystore"
Is Tomcat actually running under the tomcat_user account
> From: Propes, Barry L [mailto:barry.l.pro...@citi.com]
> Subject: RE: Question about SSL
>
> I feel his pain. We're still on IE6. : (
Also note that IE6 has serious problems doing SSL over anything other than port
443. (Another example of Microsoft thinking it knows b
e feedback.
-Original Message-
From: André Warnier [mailto:a...@ice-sa.com]
Sent: Wednesday, February 24, 2010 2:22 PM
To: Tomcat Users List
Subject: Re: Question about SSL
Leo Donahue - PLANDEVX wrote:
> https://localhost:8443
>
> Using IE6, I get a message saying you are abo
ary 24, 2010 3:22 PM
To: Tomcat Users List
Subject: Re: Question about SSL
Leo Donahue - PLANDEVX wrote:
> https://localhost:8443
>
> Using IE6, I get a message saying you are about to view a page over a secure
> connection, but the page never loads. No errors in the logs. The ROOT
Leo Donahue - PLANDEVX wrote:
https://localhost:8443
Using IE6, I get a message saying you are about to view a page over a secure
connection, but the page never loads. No errors in the logs. The ROOT webapp
is still there, no lock icon in the browser.
IE6 status bar just says: "Opening pag
:8443/...";
And eventually, IE6 responds with "The page cannot be displayed".
-Original Message-
From: Caldarale, Charles R [mailto:chuck.caldar...@unisys.com]
Sent: Wednesday, February 24, 2010 12:46 PM
To: Tomcat Users List
Subject: RE: Question about SSL
> From:
> From: Leo Donahue - PLANDEVX [mailto:leodona...@mail.maricopa.gov]
> Subject: RE: Question about SSL
>
> Generating the .keystore is not tied to the user issuing the java
> command is it?
No.
> Can I move the .keystore file to home directory of the
> account tomcat is r
, Charles R [mailto:chuck.caldar...@unisys.com]
Sent: Wednesday, February 24, 2010 12:12 PM
To: Tomcat Users List
Subject: RE: Question about SSL
> From: Leo Donahue - PLANDEVX [mailto:leodona...@mail.maricopa.gov]
> Subject: RE: Question about SSL
>
> The docs say you can change the loc
> From: Leo Donahue - PLANDEVX [mailto:leodona...@mail.maricopa.gov]
> Subject: RE: Question about SSL
>
> The docs say you can change the location of the .keystore file. Where
> "should" it go?
Wherever the administrative policies of the site say it should go.
>
Caldarale, Charles R [mailto:chuck.caldar...@unisys.com]
Sent: Wednesday, February 24, 2010 8:44 AM
To: Tomcat Users List
Subject: RE: Question about SSL
> From: Christopher Schultz [mailto:ch...@christopherschultz.net]
> Subject: Re: Question about SSL
>
> 1. Request protected resource, non
> From: Christopher Schultz [mailto:ch...@christopherschultz.net]
> Subject: Re: Question about SSL
>
> 1. Request protected resource, non-CONFIDENTIAL
> 2. Tomcat responds with login page, login page is configured as
> CONFIDENTIAL
I can't remember if that works; it woul
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Leo,
On 2/23/2010 6:18 PM, Leo Donahue - PLANDEVX wrote:
> My sysadmin suggested we disable IIS and let Tomcat handle the SSL
> certificates, since it seems easier to implement.
Removing unnecessary complexity is always a good idea.
- -chris
-BE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chuck,
On 2/23/2010 5:18 PM, Caldarale, Charles R wrote:
>> From: Christopher Schultz [mailto:ch...@christopherschultz.net]
>> Subject: Re: Question about SSL
>>
>> 1. doesn't apply (I think) to the login page that
>
easier to implement.
-Original Message-
From: Caldarale, Charles R [mailto:chuck.caldar...@unisys.com]
Sent: Tuesday, February 23, 2010 3:19 PM
To: Tomcat Users List
Subject: RE: Question about SSL
> From: Christopher Schultz [mailto:ch...@christopherschultz.net]
> Subject: Re:
> From: Christopher Schultz [mailto:ch...@christopherschultz.net]
> Subject: Re: Question about SSL
>
> 1. doesn't apply (I think) to the login page that
> Tomcat serves, even if you set it.
If the requested resource is covered by the security constraint that includes
the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chuck and Leo,
On 2/23/2010 4:25 PM, Caldarale, Charles R wrote:
>> From: Leo Donahue - PLANDEVX [mailto:leodona...@mail.maricopa.gov]
>> Subject: Question about SSL
>>
>> "...It is not strictly necessary to run an entire web application over
>> SSL,
> From: Leo Donahue - PLANDEVX [mailto:leodona...@mail.maricopa.gov]
> Subject: Question about SSL
>
> I need to implement SSL for Tomcat 6.0.24 on Windows 2003 Server R2 SP2
> that is already running IIS 6.0. Should I implement SSL using IIS or
> Tomcat?
Probably IIS, but I'm not very familiar
25 matches
Mail list logo
