Return-Path: Delivered-To: apmail-incubator-harmony-dev-archive@www.apache.org Received: (qmail 52915 invoked from network); 14 Aug 2006 11:00:27 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 14 Aug 2006 11:00:27 -0000 Received: (qmail 82308 invoked by uid 500); 14 Aug 2006 11:00:25 -0000 Delivered-To: apmail-incubator-harmony-dev-archive@incubator.apache.org Received: (qmail 82270 invoked by uid 500); 14 Aug 2006 11:00:25 -0000 Mailing-List: contact harmony-dev-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: harmony-dev@incubator.apache.org Delivered-To: mailing list harmony-dev@incubator.apache.org Received: (qmail 82259 invoked by uid 99); 14 Aug 2006 11:00:25 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 14 Aug 2006 04:00:25 -0700 X-ASF-Spam-Status: No, hits=1.4 required=10.0 tests=SPF_NEUTRAL X-Spam-Check-By: apache.org Received-SPF: neutral (asf.osuosl.org: 64.74.244.70 is neither permitted nor denied by domain of geir@pobox.com) Received: from [64.74.244.70] (HELO smtp.ivresearch.com) (64.74.244.70) by apache.org (qpsmtpd/0.29) with SMTP; Mon, 14 Aug 2006 04:00:24 -0700 Received: (qmail 24248 invoked from network); 14 Aug 2006 11:00:00 -0000 Received: from ool-43560edb.dyn.optonline.net (HELO ?192.168.1.101?) (geir@67.86.14.219) by vdmx01.ivresearch.net with SMTP; 14 Aug 2006 11:00:00 -0000 Message-ID: <44E057AF.4010603@pobox.com> Date: Mon, 14 Aug 2006 06:59:59 -0400 From: Geir Magnusson Jr Reply-To: geir@pobox.com User-Agent: Thunderbird 1.5.0.5 (Windows/20060719) MIME-Version: 1.0 To: harmony-dev@incubator.apache.org Subject: Re: [tools] Re: Keytool is done, JarSigner is next. References: <25deb7630608110502q339351d6h8e352f462d174156@mail.gmail.com> <44DC8647.9000906@pobox.com> <906dd82e0608132157y604b6635la35bcb3f747caedd@mail.gmail.com> <44E004EC.20008@pobox.com> <906dd82e0608132232o7339813cqe534808a24a872c3@mail.gmail.com> In-Reply-To: <906dd82e0608132232o7339813cqe534808a24a872c3@mail.gmail.com> X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N Mikhail Loenko wrote: > Ok, sure. > > One thing that IMHO worth discussion is: > > By default the server tries to go to Sun's ssl provider: > com.sun.net.ssl.internal.ssl.Provider > > Though it seems to be possibe to specify a custom provider by defining > a property > org.w3c.jigsaw.ssl.security.provider > > But to figure that out I had to grep Jigsaw sources Hm. What does jetty and tomcat do? > > The question is should we provide our own com.sun...Provider? You probably can guess my answer to this... > > It would look like this way: > > package com.sun.net.ssl.internal.ssl; > import org.apache.harmony.xnet.provider.jsse.JSSEProvider; > public class Provider extends JSSEProvider { > } > > Thanks, > Mikhail > > P.S. I was able to easily start Jigsaw HTTP server and navigate a bit. > I used IBM VM+Harmony classlib What happens when you used DRLVM? geir > > 2006/8/14, Geir Magnusson Jr : >> Side note : >> >> Can you keep notes so that when you get things working, we can post to >> website as docs? >> >> geir >> >> >> Mikhail Loenko wrote: >> > Hi Anton, >> > >> > I'm trying to run Jigsaw https server. I used Harmony keytool to >> generate >> > keystore according to Jigsaw mans: >> > >> > keytool -genkey -alias troi.example.com -keypass example -keystore >> > troi.keystore -keyalg RSA >> > >> > so far works OK >> > >> > keytool -selfcert -alias troi.example.com -keystore troi.keystore >> > -keyalg RSA >> > >> > prints this error message: >> > >> > Enter keystore password: example >> > java.security.NoSuchAlgorithmException: The algorithm >> > MD5WithRSAEncryption is not found in the environment. >> > at >> > org.apache.harmony.tools.keytool.KeyCertGenerator.genX509CertImpl(Key >> > CertGenerator.java:40) >> > at >> > org.apache.harmony.tools.keytool.KeyCertGenerator.selfCert(KeyCertGen >> > erator.java:335) >> > at org.apache.harmony.tools.keytool.Main.doWork(Main.java:78) >> > at org.apache.harmony.tools.keytool.Main.run(Main.java:125) >> > at org.apache.harmony.tools.keytool.Main.main(Main.java:141) >> > >> > >> > Any idea how to solve this? Do we miss some functionality in Harmony? >> > >> > Thanks, >> > Mikhail >> > >> > 2006/8/11, Geir Magnusson Jr : >> >> 1) YAY! >> >> >> >> 2) No objections for jarsigner, but rather thanks and encouragement! >> >> >> >> 3) You may have been doing the following and I simply missed it, >> but I'd >> >> suggest that you keep a stream of patches coming on things like >> this so >> >> that people can see and get involved and also discuss more of your >> >> experience doing this on the list as it happens. >> >> >> >> 4) Can you add [tools] to your subject lines? :) >> >> >> >> geir >> >> >> >> >> >> >> >> Anton Rusanov wrote: >> >> > I'm happy to write this - Keytool is done and operative now. :) >> >> > It has the same functionality as the one from RI with some >> >> improvements. >> >> > In addition to what RI can do the Harmony Keytool is able to >> >> > * generate X.509 certificates v2, v3. >> >> > * sign a certificate with another key from the keystore >> >> > * generate and manage secret keys >> >> > * convert a keystore to another format >> >> > * check certificate revocation status >> >> > * verify a certificate chain >> >> > * use specific providers for various purposes. >> >> > >> >> > There is still a little problem with making an executable of the >> tool >> >> > in the build. So you can follow the steps to make it on your own: >> >> > 1. copy deploy\jdk\jre\bin\java.exe to >> deploy\jdk\jre\bin\keytool.exe >> >> > 2. copy deploy\jdk\lib\tools.jar into deploy\jdk\jre\bin\ >> >> > 3. run keytool.exe >> >> > >> >> > I want to thank Mikhail for applying my patches. >> >> > I'm going to start work on JarSigner tool. Does anyone have >> objections >> >> > to me doing this? >> >> > >> >> >> >> --------------------------------------------------------------------- >> >> Terms of use : http://incubator.apache.org/harmony/mailing.html >> >> To unsubscribe, e-mail: harmony-dev-unsubscribe@incubator.apache.org >> >> For additional commands, e-mail: harmony-dev-help@incubator.apache.org >> >> >> >> >> > >> > --------------------------------------------------------------------- >> > Terms of use : http://incubator.apache.org/harmony/mailing.html >> > To unsubscribe, e-mail: harmony-dev-unsubscribe@incubator.apache.org >> > For additional commands, e-mail: harmony-dev-help@incubator.apache.org >> > >> > >> > >> >> --------------------------------------------------------------------- >> Terms of use : http://incubator.apache.org/harmony/mailing.html >> To unsubscribe, e-mail: harmony-dev-unsubscribe@incubator.apache.org >> For additional commands, e-mail: harmony-dev-help@incubator.apache.org >> >> > > --------------------------------------------------------------------- > Terms of use : http://incubator.apache.org/harmony/mailing.html > To unsubscribe, e-mail: harmony-dev-unsubscribe@incubator.apache.org > For additional commands, e-mail: harmony-dev-help@incubator.apache.org > > > --------------------------------------------------------------------- Terms of use : http://incubator.apache.org/harmony/mailing.html To unsubscribe, e-mail: harmony-dev-unsubscribe@incubator.apache.org For additional commands, e-mail: harmony-dev-help@incubator.apache.org