tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jean-frederic clere <>
Subject Re: Tomcat to support other keystore types?
Date Wed, 07 Nov 2001 08:45:41 GMT
Eric Rescorla wrote:
> "Bill Barker" <> writes:
> > I've checked in the modifications to PoolTcpConnector to allow plugging in
> > another SSL provider.  Now he just has to create a class extending
> > that works with his SSL implementation,
> > and then put it's class as the value to the socketFactory attribute in
> > Http10Interceptor.
> Hi. "He" is me, the author of PureTLS.
> I've taken a look at what you've done and I can definitely work
> with it. However, I think that we need one more piece:
> Currently CertCompat has JSSE hardwired in.

Due to:
 static final String JSSE_SUPPORT=
We just need "org.apache.tomcat.util.compat.PureTLSCertCompat" and a parameter
to allow JSSE_SUPPORT to be changed in SSL_SUPPORT. Quick hack would be to add
PureTLS_SUPPORT and try to load both classes the successfully one would be the
one used.

How could we add it as a parameter in the server.xml file?

By the way: I have forgotten to put the ASF header in the sources when commit
them last time, I will arrange this when committing PureTLS support :)

> If we substitute PureTLS
> then we'll need to add an adapter for PureTLS.  (the adapter is just a
> stub since PureTLS has no problem giving you the encoded certificates.)
> Obviously, I'm more than happy to write this adapter but you
> probably have some opinions about how to arrange that the right
> one gets dynamically loaded. If you prefer, I can submit/suggest
> changes for this as well.
> -Ekr
> --
> [Eric Rescorla                         ]
> --
> To unsubscribe, e-mail:   <>
> For additional commands, e-mail: <>

To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message