tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Filip Hanik - Dev Lists <devli...@hanik.com>
Subject Re: Problem in NIOEndpoint
Date Fri, 02 Apr 2010 15:09:09 GMT
The NioX509KeyManager was added in so that you could force an alias to 
be used. Meaning, you have a keystore, and you want to use the attribute

keyAlias="tomcat"

in your connector, in 6.0.18, the NIO connector ignores it, and the JVM 
picks any key in your keystore, and this is not always what you want.

You can open a bug in bugzilla, attach your configurations there and I 
can see why its not working for you.
Filip

On 03/31/2010 05:47 PM, Christopher Lee wrote:
> Tomcat version 6.0.26:
>
> There was a method introduced: NIOEndpoint#wrap (post 6.0.18) called from
> NIOEndpoint#init which wraps KeyManagers with NioX509KeyManager.
> I am not sure why (I could not get the JSSE source to fully debug) but when
> I run embedded Tomcat with SSL enabled and my own keystores
> I get the following exception: "javax.net.ssl.
> SSLHandshakeException: no cipher suites in common".  Removing this wrapping
> will result in
> a working instance.  This method is not present in 6.0.18.  Please let me
> know if there is something I can do as a work around or if
> this actually causes a real bug.
>
> I wasn't sure where to post this.  Please advise if you think I should post
> this elsewhere.
>
> Thanks,
> Chris.
>
>    


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message