JDK-6990459 : Overhead of loading certificates
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: java.security
  • Affected Version: 7
  • Priority: P2
  • Status: Resolved
  • Resolution: Won't Fix
  • OS: windows
  • CPU: x86
  • Submitted: 2010-10-07
  • Updated: 2024-04-12
  • Resolved: 2014-06-06
Related Reports
Relates :  
JDK-8038277 - Improve the bootstrap performance of cacerts keystore
Relates :  
JDK-6990462 - Overhead of code signers & protection domains
Description
If we need to validate certificate then we are loading several different certificate stores including browser certificate stores. We are spending 50-100ms to do so. Actual loading logic is either direct call to keystore.load() (and these account for 30-60ms) or we instantiate certificates one by one from byte streams. However, even in later case most of the work is spent instantiating certificates.

Most of these certificates are not needed (we really need at most one) and it will help a lot if they can be cheaply instantiated.
Comments
There is not enough data in the original request to evaluate the issue. If this is still a problem in the future, please open a new issue with more details.
06-06-2014
There is not enough time to address this in JDK 8, will look at this more for JDK 9.
19-08-2013