Does anyone have any comparison facts or opinions on the difference in running SSL in apache vs. SSL in tomcat (Java)? We're running on Sun boxes and using JDK 1.4.1 if that matters (other than JSSE is built-in).
Most of our sites are dynamic, but we are currently using a web server for authentication and SSL encryption (the whole site, not just part of it) and a few static pages. We are required to password protect and encrypt the entire site. I am tempted to do away with our web server, but am a little nervous about doing computationally intensive stuff with Java and what the performance would be. I will have to use JNDI Realms to authenticate to our LDAP server also, but I do quite a bit with JNDI already and am a bit more comfortable with that issue. Thanks for any insight. Lloyd
