Hi, So it seems conscrypt has even more memory leaks: https://github.com/google/conscrypt/issues/835 https://github.com/google/conscrypt/issues/984
Conscrypt doesn't appear to be sufficiently reliable to be used in production. Setting up jetty to listen only on localhost without SSL and having an nginx (or other web server) reverse proxy to provide SSL is possible but unlikely something that is acceptable as encryption is required all the way to the java process. In this case a tcp dump would reveal passwords. Jetty, it seems, is trapped behind Java's relatively slow SSL implementation. Does anyone have ideas on how fast secure communication to jetty might be done? For example: * Perhaps someone has working openssl with jetty and that is comparable with the performance of conscrypt. * Perhaps the locally running reverse proxy can securely communicate with jetty without https. cheers, -Luke
_______________________________________________ jetty-users mailing list jetty-users@eclipse.org To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/jetty-users
