Le 19/09/2014 06:56, Jacopo Cappellato a écrit :
On Sep 18, 2014, at 11:00 AM, jaco...@apache.org wrote:
<!-- SSL connector attributes -->
- <property name="sSLImplementation"
value="org.ofbiz.catalina.container.SSLImpl"/>
+ <property name="sslImplementationName"
value="org.ofbiz.catalina.container.SSLImpl"/>
Hi all,
I have a concern with the above change to the setting of the "https" connector
of Tomcat that I have introduced with rev. 1625919 and I would appreciate your advices.
The original code was plugging into the https the OFBiz custom SSL class using the
connector property: "sSLImplementation".
However this property name is no more valid in Tomcat and so it was ignored and
not set. The default Tomcat implementation was then used.
With my commit I have fixed the property to match the right name
"sslImplementationName" and in fact now the OFBiz class is properly passed and
set in the connector.
Unfortunately I don't know much about the OFBiz implementation related to x509
certs; the purpose of the org.ofbiz.catalina.container.SSLImpl class seems to
be that of simply bypassing Tomcat certificate checks (in order to let OFBiz
manage them) but I am not sure if this code is mature and still required.
The easy fix would be that of commenting out the property.
Is anyone currently using (or knows more than me) the OFBiz implementation of
x509 certificates?
It seems not related to this particular change (I tested w/ or w/o) but today the trunk demo no longer work when it still was yesterday. I reverted to
r1625970 and it's now back again.
The OFBiz demos use in url.properties
port.https.enabled=N
I see only this reason but have no time this morning to check the relation with the trunk demo issue. Locally all works correctly so I guess it's only
that
HTH
Jacques
Thanks,
Jacopo
