If we need to validate certificate then we are loading several different certificate stores including browser certificate stores. We are spending 50-100ms to do so. Actual loading logic is either direct call to keystore.load() (and these account for 30-60ms) or we instantiate certificates one by one from byte streams. However, even in later case most of the work is spent instantiating certificates.

Most of these certificates are not needed (we really need at most one) and it will help a lot if they can be cheaply instantiated.