tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michał Kapituła <>
Subject Re: Slow SSL connections after Tomcat 5 to 7 migration
Date Fri, 06 May 2011 10:28:38 GMT

W dniu 2011-05-05 18:50, Christopher Schultz pisze:
> Hash: SHA1
> Michał,
> On 5/5/2011 10:21 AM, Michał Kapituła wrote:
>> I thought that seperate SSL Handshake could be made for each of the
>> requests, but I can't see such behaviour in the dumps. Only one or zero
>> threads commiting a handshake, others appear to autoaccept it (maybe not
>> a precise term).
> [snip]
>> No, nothing changed. Btw - the Tomcat version is 7.0.12 and JDK's is 6.0.14
> If you are using the BIO connector (which it looks like you are due to
> "org.apache.coyote.http11.Http11Protocol" in your<Connector>), then
> Tomcat doesn't have a great deal of control over the SSL handshake, etc.
> process. That's all up to the JRE itself since all of the SSL
> implementation comes from there. Tomcat can affect certain things like
> the ciphers used, etc. but basically everything is done by the runtime,
> not by Tomcat.
> Can you double-check to see if you are using the APR versions of the
> HTTP connectors? The best way to tell what's going on is to look at the
> startup messages when the connectors initialize themselves and emit a
> short log message to catalina.out. That will tell us what connector is
> actually being used.
Yes, I'm  positive that I'm using Java BIO connector, not the APR one 
(as I said before, I can't use one).

I've managed to run exact copy of production system's Tomcat on my own 
machine, so I'll have an opportunity to run these apps in Eclipse, 
experiment more with NIO connector and different server configurations, 
look in the jdk and tomcat source and maybe I'll find what's taking so long.

Still I'm open for any new ideas from anyone.


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message