Craig R. McClanahan wrote:
>
> JSSE exposes the underlying SSL session and offers an API with storable
> attributes like an HttpSession. Tomcat 4 caches its converted version of
> the cert chain there (to avoid reparsing every single time). Could you do
> something similar and transfer the certs only at the beginning of an SSL
> session, and cache them on the Java side?
>
> This would require mod_ssl to tell you when an SSL session begins and ends
> ... I don't know if it does that.
>
I thought the problem was that mod_ssl only passes the one cert. If it
somehow allows access to the whole chain, then definitely ... you could
cache it like TC4. I'd be willing to help with that =)
- Christopher
/**
* Pleurez, pleurez, mes yeux, et fondez vous en eau!
* La moitié de ma vie a mis l'autre au tombeau.
* ---Corneille
*/
