Greg Soltis Greg Soltis - 9 months ago 48
Java Question

Slow Java SSL in a netty application

I'm experiencing a significant performance degradation using netty's

vs an external SSL terminator like stud or stunnel. The difference is about 100ms in time to complete the handshake. I requested the same resource from my application several hundred times via httperf and made sure that the same cipher (DHE-RSA-AES128-SHA) was used in each case.

This question got no accepted answers, but the comments indicated that running an SSL terminator in front of a Java process might be a good idea.

Is this expected behavior? Is Java's SSL implementation known to be this much slower, or is it possible that I have some setting configured improperly?

Answer Source

Yeah it's known to be slow, compared to openssl,.. You could try to use native openssl bindings like twitter does:

This is one reason for apr and SSL: