I think that you are out of luck with 3.2.x. With 3.3.1 and 4.1.10 you can use PureTLS (http://www.rtfm.com/puretls). (With 4.0.4, you need to use the CoyoteConnector plugin to enable it). I've heard good reports about using it with client-certs, but haven't tried it myself.
Unfortunately, the documentation is still a little weak. :( The best place is the 3.3.1 documentation http://jakarta.apache.org/tomcat/tomcat-3.3-doc/tomcat-ssl-howto.html. The translation to the 4.x CoyoteConnector is pretty straight-forward (the SSL attributes are on the Factory), but AFAIK, nobody has actually written it up yet. "Wolfgang Stein" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I realize you are also a German resident and > remember the download of JSSE were differing > for non-US citizens. > I assume we are victims of a hidden key escrow > or Echelon's information gathering efforts :-) > > But, all joking(?) aside: > This seems to be a known jdk1.4 issue. There are > some related postings at the developer connection > forums, e.g. > http://forum.java.sun.com/thread.jsp?forum=2&thread=239231) > > It ends up in the recommendation to use a commercial product > but also states that SUN's implementation were > "one of the better implementations" ... > > So, > did anybody succeed in using a third party JSSE that works > with tomcat and sufficient performance? Any suggestions ? > > > Thanks in advance, > Wolfgang > > > > -----Original Message----- > > From: Andreas Mohrig [mailto:[EMAIL PROTECTED]] > > Sent: Tuesday, September 10, 2002 2:20 PM > > To: 'Tomcat Users List' > > Subject: RE: Tomcat 3.2.4 slow with Jdk1.4 and SSL > > > > > > I'm using Tomcat 4.0.4 with Jdk1.4 (on both Linux-Server and > > Windows NT > > client) and worrying about a quite similar problem. The > > server is extremely > > fast (I'd say the answer takes some milliseconds) when I > > access it with a > > browser (e.g. MS IE 5.0), but it takes about 20 seconds (!) > > when I try a > > request using java code like this: > > > > URL url = new URL("https://myserver/myresource";); > > URLConnection con = url.openConnection(); > > BufferedReader reader = new BufferedReader(new > > InputStreamReader(con.getInputStream())); > > StringBuffer resultbuffer = new StringBuffer(); > > String result = reader.readLine(); > > while (result!=null) { > > resultbuffer.append(result); > > resultbuffer.append("\n"); > > result = reader.readLine(); > > } > > reader.close(); > > > > This is true for subsequent requests as well. The content > > consists of about > > 100 bytes which should be no problem. > > > > So: yes, I'm experiencing a heavy performance problem. I > > can't say if it is > > a performance decrease, though, since I did not test with > > older Jdk's and > > jsse (perhaps I should...). Any solutions, hints or > > suggestions would be > > very welcome! > > > > greetings > > > > Andreas Mohrig > > -----Original Message----- > > From: Wolfgang Stein [mailto:[EMAIL PROTECTED]] > > Sent: Tuesday, September 10, 2002 12:15 PM > > To: [EMAIL PROTECTED] > > Subject: Tomcat 3.2.4 slow with Jdk1.4 and SSL > > > > > > > > Migrating from Jdk1.3 to Jdk1.4 we encountered a significant > > performance decrease on SSL-communications (server certs) between > > Applets and Tomcat 3.2.4. > > > > Did anybody experience similar performance losses ? > > > > Does this happen because of a low SSL implementation in jdk1.4 ? > > Did anybody successfully provide a faster implementation? > > > > > > We used jdk1.4 on client and server-side. > > > > > > > > Thanks in advance, > > Wolfgang > > > > -- > > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: > <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
