tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joaquín Sánchez Jiménez <qu...@fi2net.com>
Subject Re: Keystore format
Date Tue, 22 Jan 2002 17:05:08 GMT
Hi:

To do this you must create your own SSLSocketFactory. See org.apache.tomcat.net.SSLSocketFactory
class from TOMCAT source.
You will see why you can only have JKS store type.
Once you have create it, you must config server.xml file:
<Connector className="org.apache.tomcat.service.PoolTcpConnector">

<Parameter name="handler" value="org.apache.tomcat.service.http.HttpConnectionHandler"/>

<Parameter name="port" value="8443"/>

<Parameter name="socketFactory" value="mypackage.MySSLSocketFactory" />

</Connector>


To get PrivateKey you can use this lines:

// JKS format.
KeyStore ks = KeyStore.getInstance("JKS");
// PKCS12 format using JSSE 1.0.2.
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
KeyStore ks = KeyStore.getInstance("PKCS12");

ks.load(new FileInputStream("PATH_TO_KEY_STORE"), "storepass".toCharArray());
PrivateKey pk = (PrivateKey)ks.getKey("certificateAlias", "keypass".toCharArray());


----- Original Message ----- 
From: "Jason Barr" <jasonb@thawte.com>
To: "tomcat" <tomcat-user@jakarta.apache.org>
Sent: Tuesday, January 22, 2002 5:41 PM
Subject: Keystore format


> Hi all,
> 
> Is one able to use a non-JKS type keystore with Tomcat? The docs don't
> get very specific about this and mention that only JKS type keystores
> can be used.
> 
> Has anyone figured out a way to extract a private key from a JKS (or for
> that matter, a pkcs12) type keystore?
> 
> Cheers,
> --
> Jason Barr
> Vendor Manager
> Thawte Tech Support
> www.thawte.com/cgi/support/contents.exe
> 
> 

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message