Mailing-List: contact harmony-dev-help@incubator.apache.org; run by ezmlm
Precedence: bulk
Reply-To: harmony-dev@incubator.apache.org
Received-SPF: pass (asf.osuosl.org: domain of mloenko@gmail.com designates
 64.233.182.187 as permitted sender)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
        s=beta; d=gmail.com;
        h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;
        b=RjhdrITg+PaRiK7VaAJphwesQU3TgYggzkpux6eWFXAZhmKTSmbx+JY1Xwi69IO9kCzesBAYiBHR1RZDg3SqR+HNJm4R39HNGaB78xuE/Z3qUSy5wYKM7BZZXWHZPFIUvF+7ulv7i0uuV1CihsPoiJPhEYteYOxw2d7SkDk19HU=
Message-ID: <906dd82e0608132232o7339813cqe534808a24a872c3@mail.gmail.com>
Date: Mon, 14 Aug 2006 12:32:26 +0700
From: "Mikhail Loenko" <mloenko@gmail.com>
To: harmony-dev@incubator.apache.org, geir@pobox.com
Subject: Re: [tools] Re: Keytool is done, JarSigner is next.
In-Reply-To: <44E004EC.20008@pobox.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <25deb7630608110502q339351d6h8e352f462d174156@mail.gmail.com>
	 <44DC8647.9000906@pobox.com>
	 <906dd82e0608132157y604b6635la35bcb3f747caedd@mail.gmail.com>
	 <44E004EC.20008@pobox.com>

Ok, sure.

One thing that IMHO worth discussion is:

By default the server tries to go to Sun's ssl provider:
com.sun.net.ssl.internal.ssl.Provider

Though it seems to be possibe to specify a custom provider by defining
a property
org.w3c.jigsaw.ssl.security.provider

But to figure that out I had to grep Jigsaw sources

The question is should we provide our own com.sun...Provider?

It would look like this way:

package com.sun.net.ssl.internal.ssl;
import org.apache.harmony.xnet.provider.jsse.JSSEProvider;
public class Provider extends JSSEProvider {
}

Thanks,
Mikhail

P.S. I was able to easily start Jigsaw HTTP server and navigate a bit.
I used IBM VM+Harmony classlib

2006/8/14, Geir Magnusson Jr <geir@pobox.com>:
> Side note :
>
> Can you keep notes so that when you get things working, we can post to
> website as docs?
>
> geir
>
>
> Mikhail Loenko wrote:
> > Hi Anton,
> >
> > I'm trying to run Jigsaw https server. I used Harmony keytool to generate
> > keystore according to Jigsaw mans:
> >
> > keytool -genkey -alias troi.example.com -keypass example -keystore
> > troi.keystore -keyalg RSA
> >
> > so far works OK
> >
> > keytool -selfcert -alias troi.example.com -keystore troi.keystore
> > -keyalg RSA
> >
> > prints this error message:
> >
> > Enter keystore password: example
> > java.security.NoSuchAlgorithmException: The algorithm
> > MD5WithRSAEncryption is not found in the environment.
> >        at
> > org.apache.harmony.tools.keytool.KeyCertGenerator.genX509CertImpl(Key
> > CertGenerator.java:40)
> >        at
> > org.apache.harmony.tools.keytool.KeyCertGenerator.selfCert(KeyCertGen
> > erator.java:335)
> >        at org.apache.harmony.tools.keytool.Main.doWork(Main.java:78)
> >        at org.apache.harmony.tools.keytool.Main.run(Main.java:125)
> >        at org.apache.harmony.tools.keytool.Main.main(Main.java:141)
> >
> >
> > Any idea how to solve this? Do we miss some functionality in Harmony?
> >
> > Thanks,
> > Mikhail
> >
> > 2006/8/11, Geir Magnusson Jr <geir@pobox.com>:
> >> 1) YAY!
> >>
> >> 2) No objections for jarsigner, but rather thanks and encouragement!
> >>
> >> 3) You may have been doing the following and I simply missed it, but I'd
> >> suggest that you keep a stream of patches coming on things like this so
> >> that people can see and get involved and also discuss more of your
> >> experience doing this on the list as it happens.
> >>
> >> 4) Can you add [tools] to your subject lines?  :)
> >>
> >> geir
> >>
> >>
> >>
> >> Anton Rusanov wrote:
> >> > I'm happy to write this - Keytool is done and operative now. :)
> >> > It has the same functionality as the one from RI with some
> >> improvements.
> >> > In addition to what RI can do the Harmony Keytool is able to
> >> > * generate X.509 certificates v2, v3.
> >> > * sign a certificate with another key from the keystore
> >> > * generate and manage secret keys
> >> > * convert a keystore to another format
> >> > * check certificate revocation status
> >> > * verify a certificate chain
> >> > * use specific providers for various purposes.
> >> >
> >> > There is still a little problem with making an executable of the tool
> >> > in the build. So you can follow the steps to make it on your own:
> >> > 1. copy deploy\jdk\jre\bin\java.exe to deploy\jdk\jre\bin\keytool.exe
> >> > 2. copy deploy\jdk\lib\tools.jar into deploy\jdk\jre\bin\
> >> > 3. run keytool.exe
> >> >
> >> > I want to thank Mikhail for applying my patches.
> >> > I'm going to start work on JarSigner tool. Does anyone have objections
> >> > to me doing this?
> >> >
> >>
> >> ---------------------------------------------------------------------
> >> Terms of use : http://incubator.apache.org/harmony/mailing.html
> >> To unsubscribe, e-mail: harmony-dev-unsubscribe@incubator.apache.org
> >> For additional commands, e-mail: harmony-dev-help@incubator.apache.org
> >>
> >>
> >
> > ---------------------------------------------------------------------
> > Terms of use : http://incubator.apache.org/harmony/mailing.html
> > To unsubscribe, e-mail: harmony-dev-unsubscribe@incubator.apache.org
> > For additional commands, e-mail: harmony-dev-help@incubator.apache.org
> >
> >
> >
>
> ---------------------------------------------------------------------
> Terms of use : http://incubator.apache.org/harmony/mailing.html
> To unsubscribe, e-mail: harmony-dev-unsubscribe@incubator.apache.org
> For additional commands, e-mail: harmony-dev-help@incubator.apache.org
>
>

---------------------------------------------------------------------
Terms of use : http://incubator.apache.org/harmony/mailing.html
To unsubscribe, e-mail: harmony-dev-unsubscribe@incubator.apache.org
For additional commands, e-mail: harmony-dev-help@incubator.apache.org