tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Lee <christophersa...@gmail.com>
Subject Re: Problem in NIOEndpoint
Date Sat, 03 Apr 2010 00:57:24 GMT
Thanks Filip there is no bug as it turns out the alias name set was wrong.
-Chris.

On Fri, Apr 2, 2010 at 8:09 AM, Filip Hanik - Dev Lists
<devlists@hanik.com>wrote:

> The NioX509KeyManager was added in so that you could force an alias to be
> used. Meaning, you have a keystore, and you want to use the attribute
>
> keyAlias="tomcat"
>
> in your connector, in 6.0.18, the NIO connector ignores it, and the JVM
> picks any key in your keystore, and this is not always what you want.
>
> You can open a bug in bugzilla, attach your configurations there and I can
> see why its not working for you.
> Filip
>
>
> On 03/31/2010 05:47 PM, Christopher Lee wrote:
>
>> Tomcat version 6.0.26:
>>
>> There was a method introduced: NIOEndpoint#wrap (post 6.0.18) called from
>> NIOEndpoint#init which wraps KeyManagers with NioX509KeyManager.
>> I am not sure why (I could not get the JSSE source to fully debug) but
>> when
>> I run embedded Tomcat with SSL enabled and my own keystores
>> I get the following exception: "javax.net.ssl.
>> SSLHandshakeException: no cipher suites in common".  Removing this
>> wrapping
>> will result in
>> a working instance.  This method is not present in 6.0.18.  Please let me
>> know if there is something I can do as a work around or if
>> this actually causes a real bug.
>>
>> I wasn't sure where to post this.  Please advise if you think I should
>> post
>> this elsewhere.
>>
>> Thanks,
>> Chris.
>>
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: dev-help@tomcat.apache.org
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message