tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "GOMEZ Henri" <hgo...@slib.fr>
Subject RE: Resend: SSL portability and Coyote
Date Mon, 29 Apr 2002 12:16:20 GMT
>(2) JSSE uses one keyfile (the keystore). PureTLS uses three, the
>keyfile, the CA file, and the random file. I need to add new
>directives to ServerSocketFactory to propagate those.

I couldn't tell you how many questions I've got after releasing
my SSL documentation for tomcat 3.2/3.3.

The recurrent question was about how to create CA/CERTS.

Since mod_ssl for Apache HTTPD server use the same files
organisation/format (PEM) than  PureTLS, and now there is
tools (http://www.openca.org/) to create a complete PKI,
having tomcat using such standard will help people use
tomcat in SSL.


A big +1 so for the PureTLS Cert/Key pem.

I even like to have server cert and key in differents
files (à la mod_ssl), and even use the code from Bojan 
'PasswordPrompter' when the key is protected by password....



--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message