Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8129988

JSSE should create a single instance of the cacerts KeyStore

    Details

    • Subcomponent:
    • Resolved In Build:
      b152
    • Verification:
      Not verified

      Backports

        Description

        Currently, each TrustManagerFactory instance reads the cacerts file and creates a KeyStore. This is wasteful and can negatively affect performance, especially when multiple threads are involved, each establishing their own SSLContext.

        Instead, we should investigate creating a single instance of the cacerts KeyStore. There is already a method in sun.security.validator.KeyStores.getCaCerts() that does this, but it is commented out.


          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  xuelei Xue-Lei Fan
                  Reporter:
                  mullan Sean Mullan
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  10 Start watching this issue

                  Dates

                  • Due:
                    Created:
                    Updated:
                    Resolved: