Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8129988

JSSE should create a single instance of the cacerts KeyStore

    XMLWordPrintable

    Details

    • Subcomponent:
    • Resolved In Build:
      b152
    • Verification:
      Not verified

      Backports

        Description

        Currently, each TrustManagerFactory instance reads the cacerts file and creates a KeyStore. This is wasteful and can negatively affect performance, especially when multiple threads are involved, each establishing their own SSLContext.

        Instead, we should investigate creating a single instance of the cacerts KeyStore. There is already a method in sun.security.validator.KeyStores.getCaCerts() that does this, but it is commented out.


          Attachments

          1. KeyStore_TrustManagerImpl.patch
            9 kB
            Luyang Wang
          2. SSLContextPerform.java
            0.4 kB
            Xue-Lei Fan

            Issue Links

              Activity

                People

                Assignee:
                xuelei Xue-Lei Fan
                Reporter:
                mullan Sean Mullan
                Votes:
                0 Vote for this issue
                Watchers:
                11 Start watching this issue

                  Dates

                  Due:
                  Created:
                  Updated:
                  Resolved: