pkcs11 bypass (Sun Java System Web Server 7.0 Update 4 Administrator's Configuration File Reference)

Sun Java System Web Server 7.0 Update 4 Administrator's Configuration File Reference

Previous: pkcs11
Next: profiler

pkcs11 bypass

The pkcs11 bypass element instructs the NSS to bypass the PKCS#11 layer during SSL/TLS processing, thereby improving performance.

During startup, the server automatically verifies each token, holding a server key, to assess if they support PKCS#11 bypass. If the tokens support bypass in the current configuration the PKCS#11 layer will be bypassed, else the bypass will be disabled. Thus, the server automatically takes advantage of the performance benefits of pkcs11 bypass whenever possible.

In certain unique circumstances, you can disable PKCS#11 bypass manually by using the server.xml element <allow-bypass>.

<pkcs11>
 <enabled>1</enabled>
 <allow-bypass>0</allow-bypass>
</pkcs11>

pkcs11 bypass

See Also