Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 76E9E200B71 for ; Wed, 31 Aug 2016 17:27:57 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id 74F3A160AB4; Wed, 31 Aug 2016 15:27:57 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id BC598160AA7 for ; Wed, 31 Aug 2016 17:27:56 +0200 (CEST) Received: (qmail 83820 invoked by uid 500); 31 Aug 2016 15:27:55 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 83810 invoked by uid 99); 31 Aug 2016 15:27:55 -0000 Received: from mail-relay.apache.org (HELO mail-relay.apache.org) (140.211.11.15) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 31 Aug 2016 15:27:55 +0000 Received: from mail-ua0-f169.google.com (mail-ua0-f169.google.com [209.85.217.169]) by mail-relay.apache.org (ASF Mail Server at mail-relay.apache.org) with ESMTPSA id F16641A0015 for ; Wed, 31 Aug 2016 15:27:54 +0000 (UTC) Received: by mail-ua0-f169.google.com with SMTP id q42so36261240uaq.1 for ; Wed, 31 Aug 2016 08:27:54 -0700 (PDT) X-Gm-Message-State: AE9vXwNcCroQ+G8kPp1qAT1DtY88lP7EykVXEq9dfLQ+/3rTJer3cF5UHS9aI6BEobzBiqbVyUmTv1KM24vSPA== X-Received: by 10.31.180.195 with SMTP id d186mr5880115vkf.140.1472657274042; Wed, 31 Aug 2016 08:27:54 -0700 (PDT) MIME-Version: 1.0 Received: by 10.31.215.7 with HTTP; Wed, 31 Aug 2016 08:27:53 -0700 (PDT) In-Reply-To: References: From: =?UTF-8?Q?R=C3=A9my_Maucherat?= Date: Wed, 31 Aug 2016 17:27:53 +0200 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: Configuring certificate for ssl support on Tomcat 8.5 To: Tomcat Users List Content-Type: multipart/alternative; boundary=001a114382ccb22fdf053b5fbdf1 archived-at: Wed, 31 Aug 2016 15:27:57 -0000 --001a114382ccb22fdf053b5fbdf1 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable 2016-08-31 16:51 GMT+02:00 Mark Thomas : > On 31/08/2016 15:45, Lazar Kirchev wrote: > > Hello, > > > > According to Tomcat 8.5 documentation [1] when JSSE is used if the key > > alias is not specified through the attribute certificateKeyAlias of > > Certificate entry, then "... the first key read from the keystore will = be > > used...". > > However, when the property is not specified Tomcat tries to use a defau= lt > > key alias (which is "tomcat"). At least I got (on Tomcat 8.5.4) > > java.io.IOException: Alias name tomcat does not identify a key entry > > at > > org.apache.tomcat.util.net.jsse.JSSEUtil.getKeyManagers( > JSSEUtil.java:213) > > at > > org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext( > AbstractJsseEndpoint.java:101) > > > > Is this the intended behavior? > > http://svn.us.apache.org/repos/asf/tomcat/tc8.5.x/ > trunk/webapps/docs/changelog.xml > > http://bz.apache.org/bugzilla/show_bug.cgi?id=3D59867 > > Oops, I messed up the changelog entry, it is actually this bug: https://bz.apache.org/bugzilla/show_bug.cgi?id=3D59910 I'll fix it after the tags. R=C3=A9my --001a114382ccb22fdf053b5fbdf1--