[
https://issues.apache.org/jira/browse/FTPSERVER-93?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12522056
]
Niklas Gustavsson commented on FTPSERVER-93:
--------------------------------------------
That's pretty much exactly what I did, except that the custom KeyManager wraps
another X509KeyManager, rather then directly handling the key store. It works
in all test cases except one, the one where we enable a specific cipher spec
and use the MINA listener implementation. If this is a fault in FtpServer, MINA
or the JRE I'm still unsure of.
I've attached a patch for the change I've done. Please try to apply it and run
the SSL tests, it should show the test failure I'm seeing.
> Support for alias when configuring SSL
> --------------------------------------
>
> Key: FTPSERVER-93
> URL: https://issues.apache.org/jira/browse/FTPSERVER-93
> Project: FtpServer
> Issue Type: Wish
> Components: Core
> Affects Versions: 1.0-M1
> Reporter: Steve Jones
> Assignee: Niklas Gustavsson
> Fix For: 1.0-M2
>
> Attachments: keyalias.patch
>
>
> Configuration for the the SSL listeners should support an "alias".
> This would allow a particular key to be selected from a keystore.
> For reference, here's the tomcat class that does this:
> org.apache.tomcat.util.net.jsse.JSSEKeyManager.java
> The only tricky part that I am aware of is that for JKS keystores the alias
> should be converted to all lower case.
> Also for reference, this is the extended X509 key manager that uses aliases:
>
> http://java.sun.com/j2se/1.5.0/docs/api/javax/net/ssl/X509ExtendedKeyManager.html
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
