tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jan Luehe <Jan.Lu...@Sun.COM>
Subject Re: [PROPOSAL] Add "keystoreAlias" property to CoyoteConnector
Date Mon, 11 Aug 2003 22:25:29 GMT
Bill Barker wrote:
> Just make certain to close bug #19610 after the commit.

Done.

Notice that 19610 also requests the ability to assign different
passwords to each individual key. JSSE currently does not support
this feature via its standard APIs.

Jan


> ----- Original Message ----- 
> From: "Jan Luehe" <Jan.Luehe@Sun.COM>
> To: "Tomcat Developers List" <tomcat-dev@jakarta.apache.org>
> Sent: Saturday, August 09, 2003 10:38 AM
> Subject: [PROPOSAL] Add "keystoreAlias" property to CoyoteConnector
> 
> 
> 
>>I would like to add support for specifying a keystore alias property
>>on CoyoteConnector. This will allow control over which (of possible
>>many) keypair and supporting cert chain the connector is going to
>>select to authenticate itself to the client during the SSL handshake,
>>when client auth is turned on.
>>
>>If this attribute is specified on the connector, the underlying JSSE
>>socket factory will initialize the SSL context with a KeyManager
>>implementation whose methods delegate to the default key manager, with
>>the exception of the "chooseServerAlias" method, which will return the
>>specified alias name.
>>
>>Let me know if you have any issues with this proposal.
>>
>>Thanks,
>>
>>Jan
>>
>>
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
>>For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>>
>>
>>
>>
>>------------------------------------------------------------------------
>>
>>This message is intended only for the use of the person(s) listed above as the intended
recipient(s), and may contain information that is PRIVILEGED and CONFIDENTIAL.  If you are
not an intended recipient, you may not read, copy, or distribute this message or any attachment.
If you received this communication in error, please notify us immediately by e-mail and then
delete all copies of this message and any attachments.
>>
>>In addition you should be aware that ordinary (unencrypted) e-mail sent through the
Internet is not secure. Do not send confidential or sensitive information, such as social
security numbers, account numbers, personal identification numbers and passwords, to us via
ordinary (unencrypted) e-mail.
>>
>>
>>
>>------------------------------------------------------------------------
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
>>For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
> 



Mime
View raw message