tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nick Betteridge <n.betteri...@syntactics.com>
Subject Re: Resend: SSL portability and Coyote
Date Sat, 27 Apr 2002 06:14:08 GMT
Eric Rescorla wrote:
> 
> This didn't make it out the first time so I'm resending...
> 
> I'm looking at what needs to be done to make the 3.3 SSL portablity
> stuff work properly with Coyote. For the most part, this work has been
> done--if you set the SSLImplementation appropriately and the correct
> factory gets invoked. However, there appear to be some issues with
> CoyoteServerSocketFactory and it's handling of configuration
> directives:
> 
> (1) CoyoteServerSocketFactory appears to be willing to handle a
> "socketFactoryName". AFAICT, this is supplanted by SSLImplementation
> and none of the other code does anything with it. Any reason not to
> remove support for this directive entirely?
> 
> (2) JSSE uses one keyfile (the keystore). PureTLS uses three, the
> keyfile, the CA file, and the random file. I need to add new
> directives to ServerSocketFactory to propagate those.
> 

Erik - any chance of implementing this with a generic certificate/key
factory so that the SocketFactory doesn't just rely on the default
keystore?

> Does anyone object to these changes?
> 
> -Ekr
> 
> --
> To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
> For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>

--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message