tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alex Burton <alex.j...@e-plus.com.au>
Subject Re: How to optimize Tomcat SSL
Date Mon, 14 Jun 2004 21:57:52 GMT
We use Apache HTTP on the front for SSL. Makes a world of difference.

Cheers,
Alex.

Jeremy Conner wrote:

> Is there any way to optimize Tomcat's SSL implementation?
>
> Can I change the protocol to only use 40 bit encryption?
> Can I change the default keep alive time for the SSL session?
> Are there any other values for 'protocol' other than TLS?
>
> I am running a web app that is using Axis for web service 
> communication to alot of client apps.  These apps communicate to the 
> server every 30 seconds.  I would like a way to cache the SSL session 
> so that handshaking is not happening every time.
>
> It looks like the typical answer to optimizing SSL is to not use 
> Tomcat for SSL and use Apache.  Is that really the recommended solution?
>
> Here is my current config:
>
>        <Connector 
> className="org.apache.catalina.connector.http.HttpConnector"
>                    port="8443"
>                    minProcessors="5"
>                    maxProcessors="100"
>                    connectionTimeout="60000"
>                    enableLookups="true"
>                    acceptCount="10"
>                    debug="0"
>                    scheme="https"
>                    secure="true">
>           <Factory 
> className="org.apache.catalina.net.SSLServerSocketFactory"
>                    clientAuth="true"
>                    protocol="TLS"
>                    keystoreFile="/serverKeys"
>                    keystorePass="password"/>
>         </Connector>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message