tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Serle Shuman" <>
Subject Re: [Catalina] SSL implementation questions and comments
Date Thu, 03 Aug 2000 16:23:38 GMT
A keystore file is meant to contain many keys. The keystorefile variable
specifies the location of the keystore file but does not resolve which key
is used in the keystore. I would like to dynamically select the key
depending on the virtual host and even the alias used to access the virtual
host. I've been wading through JSSE and I can't seem to find an appropriate
call in this regard.


----- Original Message -----
From: Warner Onstine <>
To: <>
Sent: Thursday, August 03, 2000 5:46 PM
Subject: Re: [Catalina] SSL implementation questions and comments

> I can only speak for Tomcat but this is defined in server.xml as the
> keystoreFile variable (I believe, its been a couple of months since I
> at the code, and I haven't looked at the Catalina code that was ported by
> Remy Maucherat).
> -warner
> ----- Original Message -----
> From: Serle Shuman
> To:
> Sent: Thursday, August 03, 2000 1:04 AM
> Subject: [Catalina] SSL implementation questions and comments
> I've got SSL working, however, can someone explain where in the code jsse
> instructed to use the tomcat key as opposed to some other key. Would it be
> possible to choose the key based on the virtual host or virtual host alias
> name. (this would be required to pass the browser assertion that the site
> name == certificate name). This seems like a bit of a catch-22 as this
> seems to only be communicated after SSL setup which includes key-exchange.
> Also I think that the keystore should be a catalina keystore, not the
> default keystore. i.e. default keystore should be somwhere realative to
> tomcat home, maybe in <tomcat_home>/conf/security/tomcat.keystore.
> Serle
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:

View raw message