tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ma...@apache.org
Subject svn commit: r1834860 - /tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java
Date Mon, 02 Jul 2018 15:47:54 GMT
Author: markt
Date: Mon Jul  2 15:47:54 2018
New Revision: 1834860

URL: http://svn.apache.org/viewvc?rev=1834860&view=rev
Log:
Don't use in-memory certs with DKS key stores

Modified:
    tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java

Modified: tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java?rev=1834860&r1=1834859&r2=1834860&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java Mon Jul  2 15:47:54 2018
@@ -244,7 +244,8 @@ public class JSSEUtil extends SSLUtilBas
             }
 
             Key k = ks.getKey(keyAlias, keyPassArray);
-            if (k != null && "PKCS#8".equalsIgnoreCase(k.getFormat())) {
+            if (k != null && !"DKS".equalsIgnoreCase(certificate.getCertificateKeystoreType())
&&
+                    "PKCS#8".equalsIgnoreCase(k.getFormat())) {
                 // Switch to in-memory key store
                 String provider = certificate.getCertificateKeystoreProvider();
                 if (provider == null) {



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message