On 22/06/2015 07:06, jean-frederic clere wrote: > On 06/19/2015 10:01 PM, Mark Thomas wrote: >> I'm looking at integrating multiple certificate support with APR/native >> and the new OpenSSLContext. >> >> I have a query about the following method that I hope those that have >> been working in this area recently will be able to answer. >> >> SSLContext.setCertificate(long ctx, String cert, String key, >> String password, int idx) >> >> The idx can either be 0 (RSA) or 1 (DSS). > > It is tested between 0 and <4.
Ah. I was looking at the c code and the Java constants definitions (which appear to be out of date). >> >> I know the tc-native enforces that idx is 0 or 1. Does it require that >> idx is 0 for RSA keys and 1 for DSS keys? > > According the include: > +++ > #define SSL_AIDX_RSA (0) > #define SSL_AIDX_DSA (1) > #define SSL_AIDX_ECC (3) > #define SSL_AIDX_MAX (4) > +++ > >> >> How does one specify an ECC key? > > Using 3 I guess but I don't see a different handling for the different > type of key/cert... Basically it looks like the latest call tells which > key/cert will be used. Thanks. I'll do some more testing. Cheers, Mark --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org