Configure standalone for fastest cipher

jgaudard Aug 23, 2018 4:15 PM

We are running Wildfly 10.0.1 on Windows Server 2012 in standalone mode. We have several application servers that are load balanced. We have fully enabled strong ciphers on the load balancer so between the client and load balancer things are pretty secure. From the load balancer to the application server, we are looking the maximize performance by using the fastest cipher as possible. As it stands now it seems we are encrypting the traffic twice; once from the client to the load balancer and then from the load balncer to the application server. This may be causing a performance hit.

After several searches I am unable to find much on this setting up this type of configuration. Can any of you point me in the right direction since I am not finding a lot of information on this configuration?

1. Re: Configure standalone for fastest cipher

mchoma Aug 27, 2018 5:34 AM (in response to jgaudard)

Very interesting question. I assume It will be tradeoff between security and performance. I would ask such question on [1] Cryptography Stack Exchange .
In extreme approach if your load balancer - server communication take place in secure network, you dont have to encrypt at all.
Actions