How to optimize Tomcat 6 SSL performance

networking ssl tomcat

SSL handshaking on each resource is a telltale sign that HTTP's keep-alive functionality isn't working.

With keep-alive, a single SSL handshake is done for a TCP connection, then multiple resources can be requested via that single connection. Modern browsers like to open more than one TCP connection to avoid bottlenecks on slow-loading resources, so you'll still see multiple handshakes, but certainly fewer than with keep-alive off.

maxKeepAliveRequests="0" is turning off keep-alive, I believe (I actually can't find documentation on what 0 does; 1 disables keep-alive and -1 sets no limit - I'm assuming 0 is also an effective disable).

If you intended to disable keep-alive, I'd recommend reconsidering; if you intended to set it to unlimited, change that option to -1.

Related

PREFIX versus NETMASK
Safest ciphers to use with the BEAST? (TLS 1.0 exploit) I've read that RC4 is immune
Akamai / CDN - How much do CDNs like akamai cost? [closed]
Third Party Wildcard Certificates for use with Microsoft NPS / RADIUS / PEAP
Can a virus spread through a network share used by an RDP connection?
Issues with ProxyPass and ProxyPassReverse when proxying to localhost and a different TCP port
Virtual Machine Host within Ubuntu Server
How can I tell who/what shutdown my CentOS VPS?
Number of logical processors per VM?
Windows Task Scheduler - Run Action when Process (EXE) is NOT running
How does Apache interpret multiple SSLRandomSeed sources
How to manually run application as "IIS APPPOOL\MyAppPool" user