https://bz.apache.org/bugzilla/show_bug.cgi?id=67675
--- Comment #4 from Michael Osipov <micha...@apache.org> --- (In reply to Mark Thomas from comment #3) > It seems that very few (no?) users are creating keys with pass-phrases this > way as this isn't an issue that has been reported previously and we went > through a phase of getting reports of unsupported formats when we added the > "try and use an in-memory keystore for everything" code. Well, we say that people can use any combination, therefore I'd expect this either just to work or documented NOT to work. > I'm not adverse to trying to fix this as it is an OpenSSL default (which > version by the way?). My only reservation at this point is how complex the > fix might get. That depends on how much of the fix can use the standard Java > APIs and how much we end up having to hand-craft. This applies to any OpenSSL version 1.1.1+ since DES3 is hardcoded and the cipher cannot be changed unless you do the separate commands. Unfortunately, I cannot judge what the effort is to implement this in Java, but at least we can figure out combos which do not work and document meanwhile. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
