https://bz.apache.org/bugzilla/show_bug.cgi?id=61566
Bug ID: 61566 Summary: Expose TLS Certificate and Trusted Authority details through the Manager TLS Product: Tomcat 9 Version: unspecified Hardware: PC OS: Linux Status: NEW Severity: enhancement Priority: P2 Component: Manager Assignee: dev@tomcat.apache.org Reporter: apa...@gagravarr.org Target Milestone: ----- The Tomcat Manager has a page to display all the configured TLS ciphers It would be nice if it could also show: * What certificate is active for a connector * What certificate authorities, if any, are trusted for a connector At the very least, it'd be good to report the fingerprint and expiry date. Even better would be to show nearly as much as "openssl x509 text" would show, and/or allow downloading of the pem-encoded certificate (The downloading is especially handy for sysadmins used to pem certificates / openssl / gnutls style certificates and tools, fighting with a java keystore. You can get the certificate via openssl s_client or similar, the trusted CAs you can't easily get externally) TBD - If you're in the middle of a graceful deployment of a new certificate for a connector (via JMX or via #61565), should it show details of both certs, or just the latest one? (I don't have a strong feeling either way) -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org