tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 44409] New: - Tomcat does not support Windows-My Provider
Date Wed, 13 Feb 2008 11:48:08 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=44409>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=44409

           Summary: Tomcat does not support Windows-My Provider
           Product: Tomcat 6
           Version: 6.0.14
          Platform: Other
        OS/Version: Windows Server 2003
            Status: NEW
          Severity: enhancement
          Priority: P2
         Component: Catalina
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: khainodd@yahoo.com


The only keystore other than one based in a file that tomcat supports is PKCS11.
Java 6 has introduced Windows-MY and Windows-ROOT providers, that provide access
to certificates inside the Windows store.
I've examined org.apache.tomcat.util.net.jsse.JSSESocketFactory and found that
adding the suport to them is trivial. I changed two lines and it works. It is a
simple modification. Now, I'd like to share it, so Tomcat developers could
include it in next releases.

When code was:

if(! "PKCS11".equalsIgnoreCase(type) ) {
    File keyStoreFile = new File(path);
    if (!keyStoreFile.isAbsolute()) {
        keyStoreFile = new File(System.getProperty("catalina.base"), path);    
                     
    }
    istream = new FileInputStream(keyStoreFile);
}
ks.load(istream, pass.toCharArray());

Now, it would be:

if ("Windows-MY".equalsIgnoreCase(type)) {
    log.info("Using Windows keystore for SSL");
    ks.load(null, null);
} else {

    // ... *Previous block of code* ...
}

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message