Updating an application from the standard BC jars to the new BCFIPS jars, I have run into the following performance problem: There is a Trust Store that contains around 100 common CA certificates and the first time this Trust Store is handled,
BouncyCastleFipsProvider does key validation on every single public key which freezes the application for about 5 seconds. After this initial delay, there are no more problems because BC caches the public key on the X509CertificateObject that is created, but
the 5 second delay is unacceptable as is.
Are there any workarounds or ideas for how to resolve this problem?