On Sep 18, 2014, at 11:00 AM, jaco...@apache.org wrote: > <!-- SSL connector attributes --> > - <property name="sSLImplementation" > value="org.ofbiz.catalina.container.SSLImpl"/> > + <property name="sslImplementationName" > value="org.ofbiz.catalina.container.SSLImpl"/>
Hi all, I have a concern with the above change to the setting of the "https" connector of Tomcat that I have introduced with rev. 1625919 and I would appreciate your advices. The original code was plugging into the https the OFBiz custom SSL class using the connector property: "sSLImplementation". However this property name is no more valid in Tomcat and so it was ignored and not set. The default Tomcat implementation was then used. With my commit I have fixed the property to match the right name "sslImplementationName" and in fact now the OFBiz class is properly passed and set in the connector. Unfortunately I don't know much about the OFBiz implementation related to x509 certs; the purpose of the org.ofbiz.catalina.container.SSLImpl class seems to be that of simply bypassing Tomcat certificate checks (in order to let OFBiz manage them) but I am not sure if this code is mature and still required. The easy fix would be that of commenting out the property. Is anyone currently using (or knows more than me) the OFBiz implementation of x509 certificates? Thanks, Jacopo
