b14837
@@ -23,6 +23,8 @@
package org.jboss.as.webservices.service;
 
 import static org.jboss.as.webservices.WSLogger.ROOT_LOGGER;
 
+import java.security.Provider;
+import java.security.Security;
 import java.util.List;
 
 import javax.management.MBeanServer;
@@ -70,6 +72,8 @@
public final class ServerConfigService implements Service<ServerConfig> {
     public void start(final StartContext context) throws StartException {
         try {
             serverConfig.create();
+            //we fix newly added BouncyCastle security provider to remove DH KeyPairGenerator
+            fixSecurityProvider();
         } catch (final Exception e) {
             ROOT_LOGGER.configServiceCreationFailed();
             throw new StartException(e);
@@ -103,4 +107,15 @@
public final class ServerConfigService implements Service<ServerConfig> {
         return sc;
     }
 
+    /*
+    Fixes WFLY-3252 First HTTPS / SSL request after startup of Wildfly 8.0.0.Final is blocked for many seconds
+    This is a big hack, which removes BouncyCastle DH KeyPairGenerator algorithm as it can hang / eat lots of CPU
+    see https://issues.apache.org/jira/browse/HARMONY-3789 & http://bouncycastle.org/jira/browse/BJA-19 for more
+    */
+    private static void fixSecurityProvider(){
+        Provider bc = Security.getProvider("BC");
+        if (bc!=null) {
+            bc.remove("KeyPairGenerator.DH");
+        }
+    }
 }
