Poor performance in establishing an SSL connection
843811Apr 9 2003 — edited Apr 15 2003Hi,
i have a Servlet (loaded on Tomcat 4.1) that establishes a SSL Connection to a remote server. The issue is, is that the connection phase takes over 4 seconds to complete!
heres the function where the problem shows
public SSLSocket getSocket()
throws NoSuchAlgorithmException, KeyStoreException, FileNotFoundException,
IOException, KeyManagementException, CertificateException,
UnrecoverableKeyException
{
/*
* Set up a key manager for client authentication if asked by the server.
*/
SSLSocketFactory factory = null;
SSLContext ctx;
KeyManagerFactory kmf;
KeyStore ks;
// Set the SSL Context to TLS (required for Client certs).
ctx = SSLContext.getInstance("TLS");
kmf = KeyManagerFactory.getInstance("SunX509");
ks = KeyStore.getInstance(ksType);
// Load in the KeyStore.
ks.load(new FileInputStream(ksLoc), ksPassphrase);
kmf.init(ks, ksPassphrase);
// Generate some random data.
SecureRandom sr = new SecureRandom();
sr.nextInt();
// Initialise the SSL with the random data.
ctx.init(kmf.getKeyManagers(), null, sr);
factory = ctx.getSocketFactory();
/*
* Open the Socket to the SSL server. from this point we can treat
* it like and nomal Socket
*/
SSLSocket socket = (SSLSocket)factory.createSocket(servHost, servPort);
// Force the handshake
socket.startHandshake();
// Return the now open SSLSocket to the caller.
return socket;
}
the problematic line is:
SSLSocket socket = (SSLSocket)factory.createSocket(servHost, servPort);
it takes about 4.5 - 5.0 seconds to return. The remote server is based on the same LAN as this Servlet and so network lag should not be an issue (im accessing via 10.xx ip too)
Can anyone help me in determining why this takes so long?
Thanks !
Darren.