tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Lacerda, Wellington (AFIS)" <Wellington.Lace...@fao.org>
Subject RE: Tomcat 3.2 and SSL (2)
Date Tue, 12 Sep 2000 16:04:09 GMT
1.	Tomcat's server.xml says "there's this connector, PoolTcpConnector,
that can understand http requests, and when a request of that kind arrives,
the connector will pass it to this handler, HttpConnectionHandler, that uses
this Factory, SSLSocketFactory, to create sockets". 
2.	Now, TO CREATE an SSL socket, SSLSocketFactory will rely on JSSE.
3.	Which will, in turn, prior to simply create a socket, check the
keystore to retrieve the parameters necessary to create the dynamic
certificates that are part of SSL.

This is why using SSL with tomcat requires all those components.

Wellington Silva
UN/FAO

		-----Original Message-----
		From:	plen@orionsci.com [mailto:plen@orionsci.com]
		Sent:	Tuesday, September 12, 2000 4:23 PM
		To:	tomcat-user@jakarta.apache.org
		Subject:	RE: Tomcat 3.2 and SSL (2)

		Wellington,

		The big thing that I am a bit confused on is the link among
Tomcat,
		JSSE, the JDK, and the keystore.

		Is it:
		1 - The Tomcat server.xml file uses values in the
<connector> tag to
		talk to either JSSE or the JDK.
		2 - JSSE and the JDK talk and get the information from the
keystore.
		3 - The result is that the user gets the message about the
secure site,
		etc, etc.

		I have to also believe then that the user that created the
keystore must
		be the same user that starts Tomcat.

		Sorry for my naive understanding of this process,

		Peter

Mime
View raw message