tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sanaullah <sanaulla...@gmail.com>
Subject Re: APR with PKCS11 support
Date Fri, 25 Jul 2014 13:16:48 GMT
Hi Chris,

httpd is working with HSM with addition of parameter
SSLCryptoDevice=LunaCA  but when i try the same parameter in tomEE. TomEE
don't recognized this parameters.

WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property
'SSLCryptoDevice' to 'LunaCA3' did not find a matching property.

Any Idea?

Regards,
Sanaullah






On Thu, Jul 10, 2014 at 7:40 PM, Christopher Schultz <
chris@christopherschultz.net> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> Sanaullah,
>
> On 7/10/14, 4:19 AM, Sanaullah wrote:
> > is there a way i can use pkcs11 supported SmartCard/token when
> > using APR based SSL Connector in tomcat ? PEM encoded certificates
> > and keys are stored in smartcard.
> >
> > I know BIO/NIO connectors supported token/HSM but I am  looking for
> > APR based connectors?
>
> I'm no expert at such configurations, but since tcnative/APR uses
> OpenSSL for its crypto engine, then it can do anything OpenSSL can do.
> Have you been able to configure e.g. httpd to use this kind of setup?
> If so, there ought to be a way to make it happen using Tomcat's APR
> connector.
>
> - -chris
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
> Comment: GPGTools - http://gpgtools.org
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iQIcBAEBCAAGBQJTvqXWAAoJEBzwKT+lPKRY91AP/0StCi50JhOl0/cWSKDLoIFp
> fB18Yp1W/M72Km0TktBgpB1vGJry3aEyjaZfqL6rUpkhMouuGLKT3gFw1nNLKzw4
> g0b9ZbV7FJFIjyUNtEIIzD172TX6jf5Huh0dsPWpITqMpWiLdcrx825HGan9iUM1
> pjkdy+NIUcSWveBi2pWlw2GuAe2lMmEPRyAn1E5TuO32RKmivoFAIoobpz9Eho/T
> IdvwKa2zTOhYqhti35Bx9lMFfFP/1j5vwV8DHb8z28xFts3JsK2fEYCSbvW4nbRP
> ASKen6ibIBDlHTqFQzxKjeImmn6m5u1/MPjoE1YOJATkf/HL8M6WQF0JCI10nSzh
> xAwgQYUO77H4B+r6aRAhn0YaPpy3XdOdsjxrQeCF6IRWzwwUOyqWcNroNgiNnXLd
> xgzhxoH5RcMAE2F8941CnrPzqUOsPA18lmqvQUCZ2Qv6hZ8Tfp2Qysciz5Wj7Zn+
> QuFzAZQ85Vb0SbLK+JG9f6L5OUJQZcD2jeVwSHFXy333X0CgCwOQfkLRp13ugmOp
> DIt3Mbt5t1KpvWeNesmAAiAtcgbt9ubrcC+CsX4XE+egZMpc1Nl3uhW9n8GU+sgS
> eWXNVP0liJGQccehw7nHui8xDFcFbquhvWyAaSsDu+8RthL1sySSo+nVYEjni8WY
> eY83nmjfecWeS81bCvqu
> =44eq
> -----END PGP SIGNATURE-----
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message