contention when creating SSLSocket (due X.509 certificate loading)

[kares]

from a real-world testing with SSLSockets being created concurrently (using ActiveMerchant)

after a while contetion seems to add up around ASN1ObjectIdentifier.getBody (using BC 1.50)

0.9.7 was initially tested, which revealed some contention in Sun's provider while loading the certificate :

this issue can be reproduced using 0.9.8 SNAPSHOT at https://github.com/jruby/jruby-openssl/commit/7e381cb44c283acefb28178b8fd70cd3555a7452 (application was running for ~ 3 hours)

... in an attempt to consult BC's X.509 support when available https://github.com/jruby/jruby-openssl/commit/ef2d1d93a4d56c52fb650b29cc44c2f937b68c0e (also due consistency since we're using it internally) ... the contention got much higher :

full stack-trace trees : https://gist.github.com/kares/e850554aa5756becfd91

--- Want to back this issue? **[Post a bounty on it!](https://www.bountysource.com/issues/16392701-contention-when-creating-sslsocket-due-x-509-certificate-loading?utm_campaign=plugin&utm_content=tracker%2F136995&utm_medium=issues&utm_source=github)** We accept bounties via [Bountysource](https://www.bountysource.com/?utm_campaign=plugin&utm_content=tracker%2F136995&utm_medium=issues&utm_source=github).

[kares]

for record, some numbers (30+ concurrency) :

NO_CACHE READ ... initial 100-700ms stays at around 300ms after warm-up NOTE: certificate generation is not that slow it's mostly contention adding up due concurrency.

CACHED READ ... initial [---||---] goes down to around ~ 50ms after warm-up