On Mar 12, 2007, at 1:26 AM, Lasantha Ranaweera wrote:

Hi Folks,

I noticed some inconsistencies in the Geronimo console when it comes to Jetty & Tomcat environments while we are creating HTTPS listeners (two different UIs). Tomcat GUI supports both PKCS12 and JKS key stores while Jetty only supports JKS (there are some other differences too). Is there any reason behind this kind of change? Can't we use the same GUI for this kind of activity because it will give G user same environment whether it is Tomcat or Jetty?

Also, in Tomcat the HTTPS listener supports the PKCS12 key store type; G currently only supports the JKS type. Can't we add PKCS12 into the G key stores since it is more industry standard when it comes to key stores than JKS? I remembered using bouncy castle as security provider with PKCS12 sometime back without any issues ;-). Any insight would be greatly appreciated.

I would like to spend some of my time on these issues if there is no big technical (also legal) barrier associated with it :-) .

so far I've stayed out of this discussion :-)

There's been discussion of similar issues in https://issues.apache.org/jira/browse/GERONIMO-2015. We have to be very careful about importing more of the bouncy castle code than we already have to avoid potential patent infringement issues.

From a design perspective I would like to see first that our tomcat integration uses a keystore gbean like the jetty integration does, and then the additional keystore be added. However both of these parts would be great from my point of view.

It looks from the jira comments that some people have concerns about compatibility across different platforms. Is this taken care of by the move to jdk 1.5 in g. 2.0?

thanks
david jencks



Thanks,
Lasantha

