[jetty-users] HTTPS on Raspberry very slow

Fri, 24 Nov 2017 09:40:44 -0800 

Dear Jetty Users and supporters

 We are using jetty in a project and run it in a OSGi Equinox runtime as the
webserver for hosting JAX-RS components. 
That all works fine on server, desktops, Cloud nodes, etc.  

But in the project we need to run the some runtime on smaller devices like
an Raspberry PI model 3. 
Because of security requirements we must rely on HTTPS instead of HTTP. But
when we change our configuration
from HTTP to HTTPS (using a 4096 byte key) the response times increases
significantly from fast enough (t<<1sec) 
to very slow (t >>5 sec).  

The configuration we use for HTTP is: 

-Dtruststore.path=${TRUSTSTORE_LOC} 
-Dorg.eclipse.equinox.http.jetty.http.enabled=true 
-Dorg.eclipse.equinox.http.jetty.https.enabled=false 
-Dorg.eclipse.equinox.http.jetty.ssl.keystore=${KEYSTORE_LOC}/keystore.jks
-Dorg.eclipse.equinox.http.jetty.ssl.password=aquasi 
-Dorg.eclipse.equinox.http.jetty.ssl.keypassword=somethin 
-Dorg.eclipse.equinox.http.jetty.http.port=80 
-Dorg.eclipse.equinox.http.jetty.https.port=443
-Dorg.eclipse.equinox.http.jetty.ssl.wantclientauth=false 
-Dkeystore.path=${KEYSTORE_LOC}" 

With the java start command where JETTY_PARAM has the above configuration

Java -Declipse.ignoreApp=true -Dosgi.noShutdown=true  $JETTY_PARAM -Xms512m
-Xmx800m -jar plugins/org.eclipse.equinox.launcher_1.4.0.v20161219-1356.jar
-console 8021 -consoleLog

For https we use the following configuration: 

-Dtruststore.path=${TRUSTSTORE_LOC} 
-Dorg.eclipse.equinox.http.jetty.http.enabled=false 
-Dorg.eclipse.equinox.http.jetty.https.enabled=true 
-Dorg.eclipse.equinox.http.jetty.ssl.keystore=${KEYSTORE_LOC}/keystore.jks
-Dorg.eclipse.equinox.http.jetty.ssl.password=aquasi 
-Dorg.eclipse.equinox.http.jetty.ssl.keypassword=something 
-Dorg.eclipse.equinox.http.jetty.http.port=80 
-Dorg.eclipse.equinox.http.jetty.https.port=443 
-Dorg.eclipse.equinox.http.jetty.ssl.wantclientauth=false 
-Dkeystore.path=${KEYSTORE_LOC} 

We just changed the values of http.enabled and https.enabled from true to
false and vice versa, 

Any idea what can be the reason for the really slow response time using
HTTPS? 

Any idea and hint is welcome! 

Thanks

Harald 

 


_______________________________________________
jetty-users mailing list
[email protected]
To change your delivery options, retrieve your password, or unsubscribe from 
this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users

Reply via email to