tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brian Clozel <bclo...@pivotal.io>
Subject TLS support: consider bundling native libs in JARs
Date Thu, 19 Oct 2017 14:11:19 GMT
Hi,

More and more servers are choosing to make available one or more solutions
to use TLS native stacks by shipping them as JARs:

* Netty has quite a few options there
http://netty.io/wiki/forked-tomcat-native.html
* Jetty is now shipping a conscrypt support as well
https://webtide.com/conscrypting-native-ssl-for-jetty/

I know there are other solutions for that, like changing the boot classpath
or installing native libraries directly on the host operating system. But
those solutions aren't always super easy to achieve in cloud environments;
there are also questions on this mailing list around
tomcat+tcnative+openssl versions compatibility.

Would the Tomcat community consider shipping JARs (with classifier and uber
JARs) containing the required native libraries (libtcnative + openssl +
apr)?
Bonus question: would you consider supporting boringssl or libressl?

Thanks,
--
Brian Clozel

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message