Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8129988

JSSE should create a single instance of the cacerts KeyStore

    Details

    • Subcomponent:
    • Resolved In Build:
      b152
    • Verification:
      Not verified

      Description

      Currently, each TrustManagerFactory instance reads the cacerts file and creates a KeyStore. This is wasteful and can negatively affect performance, especially when multiple threads are involved, each establishing their own SSLContext.

      Instead, we should investigate creating a single instance of the cacerts KeyStore. There is already a method in sun.security.validator.KeyStores.getCaCerts() that does this, but it is commented out.


        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                xuelei Xue-Lei Fan
                Reporter:
                mullan Sean Mullan
              • Votes:
                0 Vote for this issue
                Watchers:
                8 Start watching this issue

                Dates

                • Due:
                  Created:
                  Updated:
                  Resolved: