From: bugzilla@apache.org
To: dev@tomcat.apache.org
Subject: [Bug 59344] PEM file support for JSSE
Date: Thu, 21 Apr 2016 14:02:13 +0000
X-Bugzilla-Product: Tomcat 9
X-Bugzilla-Component: Connectors
X-Bugzilla-Severity: enhancement
X-Bugzilla-Who: ebourg@apache.org
X-Bugzilla-Status: NEW
X-Bugzilla-Changed-Fields: attachments.created

https://bz.apache.org/bugzilla/show_bug.cgi?id=59344

--- Comment #1 from Emmanuel Bourg ---
Created attachment 33788
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=33788&action=edit
PEM support implementation

Here is a patch implementing this feature:
- SSLHostConfigCertificate is modified to accept certificateFile,
  certificateChainFile and certificateKeyFile with JSSE
- The HTTP connector documentation is updated accordingly
- A new package private class org.apache.tomcat.util.net.jsse.PEMFile is added
  to handle the PEM file parsing and decoding. It supports PKCS#8 private keys
  only.
- JSSEUtil.getKeyManagers() is modified to create an in-memory keystore
  initialized with the PEM files when the certificateFile is specified.
- TesterSupport is modified to make it possible to initialize SSL with PEM
  files even when the APR connector isn't used.
- TestSsl is extended to test SSL with plain text and encrypted keys. It is
  missing a test with a certificate chain file to cover all the cases (the test
  certificate being self-signed, it has no intermediary CA).
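
The comment above says the PEM parser accepts PKCS#8 private keys only. The following is an added example of such a check, not the code from attachment 33788: the class `Pkcs8PemDemo` and method `readKey` are hypothetical names, and the sample key is generated in-process rather than read from a file.

```java
import java.security.*;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Base64;
import java.util.regex.*;
import javax.crypto.*;
import javax.crypto.spec.PBEKeySpec;

public class Pkcs8PemDemo {
    // One PEM block: BEGIN label, base64 body, matching END label.
    private static final Pattern BLOCK = Pattern.compile(
        "-----BEGIN ([A-Z0-9 ]+)-----(.*?)-----END \\1-----", Pattern.DOTALL);

    /** Decodes the first PEM block; only the two PKCS#8 labels are accepted. */
    static PrivateKey readKey(String pem, char[] password, String algorithm) throws Exception {
        Matcher m = BLOCK.matcher(pem);
        if (!m.find()) throw new IllegalArgumentException("no PEM block found");
        byte[] der = Base64.getMimeDecoder().decode(m.group(2)); // MIME decoder skips line breaks
        PKCS8EncodedKeySpec spec;
        switch (m.group(1)) {
            case "PRIVATE KEY": // unencrypted PKCS#8 PrivateKeyInfo
                spec = new PKCS8EncodedKeySpec(der);
                break;
            case "ENCRYPTED PRIVATE KEY": // PKCS#8 EncryptedPrivateKeyInfo
                // Assumes an installed provider supports the PBE algorithm named in the file.
                EncryptedPrivateKeyInfo info = new EncryptedPrivateKeyInfo(der);
                SecretKey pbe = SecretKeyFactory.getInstance(info.getAlgName())
                        .generateSecret(new PBEKeySpec(password));
                spec = info.getKeySpec(pbe);
                break;
            default: // e.g. "RSA PRIVATE KEY" is PKCS#1, not PKCS#8: refuse it explicitly
                throw new IllegalArgumentException("unsupported PEM type: " + m.group(1));
        }
        return KeyFactory.getInstance(algorithm).generatePrivate(spec);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample input: a throwaway RSA key encoded as an unencrypted PKCS#8 PEM.
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        PrivateKey key = gen.generateKeyPair().getPrivate();
        String pem = "-----BEGIN PRIVATE KEY-----\n"
                + Base64.getMimeEncoder(64, "\n".getBytes()).encodeToString(key.getEncoded())
                + "\n-----END PRIVATE KEY-----\n";
        System.out.println("round trip ok: " + readKey(pem, null, "RSA").equals(key));
        try { // same bytes under a PKCS#1 label must be rejected, not silently parsed
            readKey(pem.replace("PRIVATE KEY", "RSA PRIVATE KEY"), null, "RSA");
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

Rejecting unknown labels with a clear error keeps a PKCS#1 or otherwise unsupported key file from turning into an opaque parsing failure when the connector starts.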