-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Markus,
On 12/30/19 05:27, i...@flyingfischer.ch wrote: > apt-get install haveged update-rc.d haveged defaults > > Increases entropy pool and there for reduces start up time for > Tomcat. I would argue that haveged reduces your security because it makes /dev/random (a supposedly-secure source of entropy) behave like /dev/urandom which is supposed to be sufficiently-random yet not secure for things like generating keys. You should use the right tool for the right job: use /dev/random for keys (and let it take 20 minute if necessary) and /dev/urandom for other uses. - -chris > Am 30.12.19 um 11:22 schrieb Rainer Jung: >> It depends a bit on the major Java version you are using, but >> have a look at this page: >> >> https://cwiki.apache.org/confluence/display/TOMCAT/HowTo+FasterStartU p#HowToFasterStartUp-EntropySource >> >> >> >> Regards, >> >> Rainer >> >> Am 30.12.2019 um 05:01 schrieb Vince Stewart: >>> I started recently using my my java app with embedded Tomcat / >>> 8.0.28 on a debian VPS (DigitalOcean). >>> >>> Unfortunately, it can take up to 20 minutes to launch into >>> action from the time you start execution. The issue relates to >>> "Creation of SecureRandom instance ... using SHA1PRNG". >>> Slowness has been described and explained in Stackoverflow. >>> >>> My tomcat has otherwise been so reliable that I have had no >>> motivation to keep it upgraded. Can anyone advise if some >>> change will apply if I upgrade to the latest version 8. >>> >>> Otherwise, is there a configuration change I could employ. >>> >>> Many thanks, >> >> --------------------------------------------------------------------- >> >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: users-h...@tomcat.apache.org >> > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl4LaJIACgkQHPApP6U8 pFjeVA//QXVvuJUvLOIfTqWXsQvgwh1w4IIqDOZcRgCy3fbpdEWgv2oRkz6B0vNO WwjQXR2PNyfTLjIq8pjiGQMH9AihX6rGal9IUJ6qGFVXBr2xqb0c+8XMy3nEKYlI ++YKoe4OuVX3xG0a+iozPY1fnHSTt05xGZo1WdTgPE1gmkWmF+J76OOeA5Gb8Yx6 57O+ok6yhmBj9sBD2QwKa4L4UZNAoObJS7fzYYrzdkhcRn545NISdYMV4hE5Va5K 8vfq2fO3eLMcRebYra5nAmaLovv4M3zJalpTHE4nOhJ+6HqcDV41TiS7HaHe/2+e 34bMjQlA0FIE7J1InfJCTamVPEw5F357WetYS0eLlhR26rFG1zz3ra5W9d3JNbW7 PNTQZhfJmE7ZarmN1WsUUSmkRPD0SNQYWcHJ3zgdUMl2AJoMDB9Eo/bn+mw4Ht23 vha4dUk1ePjsWD1eaAGBWYUswjvZ+wfUjkXOCTtFadO2LHzOdfRASg4UpYeKFOL9 KgazuTx9xssHrc5UfSlojoSSVohLFievhS1cGGzN8IEHWN1ZYcAoLUpGAE0sC8yf NPyBaqiQfv+vYkiODXSnE80ivWr1m1McJAamNL469yJnqc6qPPGm3cOr4DMAVJWh ktpDai+wXpS3YEciXkLIH9Dn7KNLzNr43M/uXFs5gLdm6LnKvSE= =jdiM -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
