https://bz.apache.org/bugzilla/show_bug.cgi?id=61566
Bug ID: 61566
Summary: Expose TLS Certificate and Trusted Authority details
through the Manager TLS
Product: Tomcat 9
Version: unspecified
Hardware: PC
OS: Linux
Status: NEW
Severity: enhancement
Priority: P2
Component: Manager
Assignee: dev@tomcat.apache.org
Reporter: apa...@gagravarr.org
Target Milestone: -----
The Tomcat Manager has a page to display all the configured TLS ciphers
It would be nice if it could also show:
* What certificate is active for a connector
* What certificate authorities, if any, are trusted for a connector
At the very least, it'd be good to report the fingerprint and expiry date. Even
better would be to show nearly as much as "openssl x509 text" would show,
and/or allow downloading of the pem-encoded certificate
(The downloading is especially handy for sysadmins used to pem certificates /
openssl / gnutls style certificates and tools, fighting with a java keystore.
You can get the certificate via openssl s_client or similar, the trusted CAs
you can't easily get externally)
TBD - If you're in the middle of a graceful deployment of a new certificate for
a connector (via JMX or via #61565), should it show details of both certs, or
just the latest one? (I don't have a strong feeling either way)
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
