tomcat-dev mailing list archives

From Nick Betteridge <n.betteri...@syntactics.com>
Subject Re: Resend: SSL portability and Coyote
Date Mon, 29 Apr 2002 08:47:01 GMT
Eric Rescorla wrote:
> 
> Nick Betteridge <n.betteridge@syntactics.com> writes:
> > Eric Rescorla wrote:
> > >
> > > This didn't make it out the first time so I'm resending...
> > >
> > > I'm looking at what needs to be done to make the 3.3 SSL portability
> > > stuff work properly with Coyote. For the most part, this work has been
> > > done--if you set the SSLImplementation appropriately and the correct
> > > factory gets invoked. However, there appear to be some issues with
> > > CoyoteServerSocketFactory and its handling of configuration
> > > directives:
> > >
> > > (1) CoyoteServerSocketFactory appears to be willing to handle a
> > > "socketFactoryName". AFAICT, this is supplanted by SSLImplementation
> > > and none of the other code does anything with it. Any reason not to
> > > remove support for this directive entirely?
> > >
> > > (2) JSSE uses one keyfile (the keystore). PureTLS uses three, the
> > > keyfile, the CA file, and the random file. I need to add new
> > > directives to ServerSocketFactory to propagate those.
> > >
> >
> > Eric - any chance of implementing this with a generic certificate/key
> > factory so that the SocketFactory doesn't just rely on the default
> > keystore?
> I'm not sure exactly what you're looking for here. Can you provide
> an example of how you'd like things to look?
> 

I'm currently using a simple factory to get around having to rely on the
keystore file - all of my certificates are held in a jdo repository -
below is the interface I'm using - if you need more, please mail and
I'll send it on

Rgds Nick

import java.io.InputStream;

public interface PureTLSCertificateFactoryInterface {

    // Key alias and key password

    public String getKeyAlias();
    public void setKeyAlias(String alias);

    public String getKeyPassword();
    public void setKeyPassword(String password);

    // Keys from files

    public String getKeyStoreFile();
    public void setKeyStoreFile(String keyStoreFile);

    public String getRootFile();
    public void setRootFile(String rootFile);

    public String getRandomFile();
    public void setRandomFile(String randomFile);

    // Keys from streams

    public InputStream getKeyStoreStream();
    public void setKeyStoreStream(InputStream keyStoreStream);

    public InputStream getRootStream();
    public void setRootStream(InputStream rootStream);

}

--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>
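
The stream-based getters above have a direct JSSE counterpart: a keystore can be loaded from any InputStream instead of a file path. The following is an added example, not part of the original message and not Tomcat or PureTLS code; the class name StreamKeyStoreDemo, the method fromStream, the password and the in-memory empty PKCS12 store are all constructed for illustration.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.util.Arrays;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocketFactory;

// Hypothetical demo class: builds a JSSE server socket factory from a stream.
public class StreamKeyStoreDemo {

    // Load key material from any stream (database blob, repository, network)
    // so the socket factory never depends on a keystore file on disk.
    static SSLServerSocketFactory fromStream(InputStream in, char[] password)
            throws Exception {
        KeyStore ks = KeyStore.getInstance("PKCS12");
        try (InputStream s = in) {
            ks.load(s, password); // verifies the store's integrity MAC
        }
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(
                KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, password);
        SSLContext ctx = SSLContext.getInstance("TLS");
        // null trust managers and null SecureRandom select the JVM defaults
        ctx.init(kmf.getKeyManagers(), null, null);
        return ctx.getServerSocketFactory();
    }

    public static void main(String[] args) throws Exception {
        char[] password = "changeit".toCharArray(); // constructed sample value
        // Constructed input: an empty PKCS12 store serialized in memory,
        // standing in for a blob fetched from a certificate repository.
        // A real store would hold the server key and its certificate chain.
        KeyStore empty = KeyStore.getInstance("PKCS12");
        empty.load(null, null);
        ByteArrayOutputStream blob = new ByteArrayOutputStream();
        empty.store(blob, password);

        SSLServerSocketFactory factory = fromStream(
                new ByteArrayInputStream(blob.toByteArray()), password);
        System.out.println("factory built: " + factory.getClass().getName());
        Arrays.fill(password, '\0'); // do not leave the password in memory
    }
}
```

Passing the password as a char[] rather than a String lets the caller zero it after use, which the String-returning getKeyPassword() in the interface above does not allow.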

