tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Thomas <ma...@apache.org>
Subject Re: Insert key-store implementation into Tomcat Connector
Date Wed, 02 May 2018 10:35:41 GMT
On 02/05/18 01:48, Mark Boon wrote:
> In the Tomcat TLS Connecter configuration, there’s the trustManagerClassName that can
be set to a Java implementation of the X509TrustManager interface. There’s also a configuration
called keystoreFile from which it will read the certificate-key pair to set up the SSL connection.
I was wondering if there’s also a way to configure a class that will provide the SSL certificate?
My company would like to plug in their own mechanism to store and retrieve certificates, rather
than the Java Key Store.
> 
> I have seen references to a keystoreProvider, but I have been unable to find anything
that provides an example how that is to be used, so I’m not sure that serves for what I’m
looking for.
> 
> Any pointer to how that could be accomplished would be highly appreciated.

Writing a custom Keystore provider would be the most portable solution.

https://docs.oracle.com/javase/8/docs/technotes/guides/security/crypto/HowToImplAProvider.html

has some pointers.

Mark

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message