Delay in SSL socket connection?

Discussion in 'Java' started by Rick Genter, Nov 7, 2003.

  1. Rick Genter

    Rick Genter Guest

    I'm having a problem with an SSL socket connection taking a long time
    to complete. I am using J2SE 1.4.2 and using the JSSE package included
    therein. My code is lifted straight from the tutorials on how to use
    JSSE. The problem I am facing boils down to the fact that the line of
    code:

    Socket socket = factory.createSocket(host, port);

    typically takes 4.5 seconds to execute. This is between two machines
    communicating over the Internet with a typical ping time of 30
    milliseconds. Other (non-SSL) socket connections in the same
    application between the same two machines are taking < 100
    milliseconds. Occasionally the above line of code takes much LONGER to
    execute; I've seen it take as long as 23 seconds.

    Can anyone point me in a direction to try to improve the performance
    of my application in this regard? Thanks.


    Rick
     
    Rick Genter, Nov 7, 2003
    #1
    1. Advertising

  2. Hi,

    I guess you're validating the certificates for the SSL connection. Try
    to write a custom Trustmanager for JSSE that caches validation results
    for some time in memory, so that at least opening connection to the
    same peer gets faster. For the initial connection, you cannot do much
    probably.

    Ciao,
    Ronny

    --
    +----------------------------------+---------------------------------+
    | Ronny Schuetz | Phone : +49-7031-14-4714 |
    | Hewlett-Packard GmbH | Fax : +49-7031-14-2221 |
    | Boeblingen / Germany | Telnet : 777-4714 |
    | Enterprise Integration Solutions | Voicemail: 1392.1144714 |
    | Platform Services | email : |
    +----------------------------------+---------------------------------+
     
    Ronny Schuetz, Nov 8, 2003
    #2
    1. Advertising

  3. Rick Genter

    EJP Guest

    You don't really need to do this as long as you keep using the same
    SSLSession, which is what happens by default.

    Ronny Schuetz wrote:
    >
    > Hi,
    >
    > I guess you're validating the certificates for the SSL connection. Try
    > to write a custom Trustmanager for JSSE that caches validation results
    > for some time in memory, so that at least opening connection to the
    > same peer gets faster. For the initial connection, you cannot do much
    > probably.
    >
    > Ciao,
    > Ronny
    >
    > --
    > +----------------------------------+---------------------------------+
    > | Ronny Schuetz | Phone : +49-7031-14-4714 |
    > | Hewlett-Packard GmbH | Fax : +49-7031-14-2221 |
    > | Boeblingen / Germany | Telnet : 777-4714 |
    > | Enterprise Integration Solutions | Voicemail: 1392.1144714 |
    > | Platform Services | email : |
    > +----------------------------------+---------------------------------+
     
    EJP, Nov 9, 2003
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Paul
    Replies:
    0
    Views:
    2,040
  2. Replies:
    1
    Views:
    5,122
    Rogan Dawes
    May 1, 2006
  3. Krzysztof Pa¼
    Replies:
    1
    Views:
    680
    Krzysztof Pa¼
    Sep 26, 2003
  4. Silviu Tudoras

    Moving from an SSL to an non-SSL connection

    Silviu Tudoras, Jul 25, 2003, in forum: ASP .Net Security
    Replies:
    1
    Views:
    138
    Michal A. Valasek
    Jul 25, 2003
  5. Replies:
    1
    Views:
    282
Loading...

Share This Page