Actually one of the benefits I could see in reguards to using OpenSSL for SSL in tomcat is the ability for OpenSSL to hand of the encryption to a hardware acceleration device. We have that set up in front of some of our installations that have Apache frontending tomcat clusters using the AJP connector.
We had to do this because with a high volume of traffic going through the box running apache load balancing, the CPU was bogged down doing encryption/decryption instead of doing the load balancing between 12 or so tomcat servers so throughput performance suffered. Once we hooked mod_ssl into a hardware accelerator card the CPU was free to do it's usual load balancing tasks. Although there seems to be limited availiablity of SSL cards that are supported for Win32. If anyone has had luck configuring this set up and has an SSL accelerator card they recommend please feel free to let me know. -rOcK -----Original Message----- From: Nate Rock [mailto:[EMAIL PROTECTED] Sent: Thursday, December 01, 2005 3:29 PM To: Tomcat Users List Subject: RE: Upgrading Tomcat The same architecture change that allows tomcat to serve static content quickly (the APR native connector) also allows Tomcat to use OpenSSL instead of the JSSE for SSL which should improve performance. I have been trying to get it configured using Tomcat 5.5.12 (native APR connector) for the past few days and have hashed out a process with a few other peeps in the list to configure it, but there are still a few small details that need some clarification. -rOcK -----Original Message----- From: Alla Winter [mailto:[EMAIL PROTECTED] Sent: Thursday, December 01, 2005 3:22 PM To: users@tomcat.apache.org Subject: FW: Upgrading Tomcat Thanks for finding this link. Beside the explanation on various packages of TOMCAT, the message in there also suggests that it is not worthy to use APACHE on a top of TOMCAT due to TOMCAT now is handling static pages almost as good as APACHE. But what about handling SSL - somewhere I read that APACHE handles encryption much better than TOMCAT. Is it still true? -----Original Message----- From: Caldarale, Charles R [mailto:[EMAIL PROTECTED] Sent: Thursday, December 01, 2005 3:05 PM To: Tomcat Users List Subject: RE: Upgrading Tomcat > From: Rhino [mailto:[EMAIL PROTECTED] > Subject: Re: Upgrading Tomcat > > I'm having trouble finding the note you mentioned in the mailing list > archives. It's here: http://marc.theaimsgroup.com/?l=tomcat-user&m=113332618812952&w=2 > I'm trying to figure out the following: > - does "Core" include the Administration webapp? It did in 5.0, does not in 5.5. > - does "Core" include the Deployer? If not, what does the Deployer do? No. See the referenced e-mail. > - does "Core" include the Embedded bundle? If not, what does it do? No. See the referenced e-mail. > - when do I want do download "Core" as a Windows Executable and when > do I want to download it as a zip? I never use the .exe since it's missing the .bat (and .sh) scripts, which are useful for debugging. See the referenced e-mail. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
