I found org.apache.catalina.net.SSLServerSocketFactory useful for
another project of mine. However, my keystore is PKCS12 format, and
Keystore.getInstance("PKCS12") fails unless the security provider is
loaded first.
I am using java 1.3.1 and JSSE 1.0.3_03.
Here's a patch to look at.
-broc
Index: SSLServerSocketFactory.java
===================================================================
RCS file:
/home/cvspublic/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalin
a/net/SSLServerSocketFactory.java,v
retrieving revision 1.10
diff -u -r1.10 SSLServerSocketFactory.java
--- SSLServerSocketFactory.java 30 Nov 2001 23:00:45 -0000 1.10
+++ SSLServerSocketFactory.java 7 May 2004 17:06:54 -0000
@@ -381,6 +381,7 @@
KeyManagementException
{
+ initSecurityProvider();
initHandler();
initKeyStore();
initProxy();
@@ -388,6 +389,20 @@
}
+ /**
+ * Register JSSE security provider.
+ */
+ private void initSecurityProvider() {
+ // Register the JSSE security Provider (if it is not
already there)
+ try {
+ Security.addProvider((java.security.Provider)
+
Class.forName("com.sun.net.ssl.internal.ssl.Provider").newInstance());
+ } catch (Throwable t) {
+ ;
+ }
+ }
+
+
/**
* Register our URLStreamHandler for the "https:" protocol.
*/
@@ -456,15 +471,6 @@
throws KeyStoreException, NoSuchAlgorithmException,
UnrecoverableKeyException, KeyManagementException
{
-
- // Register the JSSE security Provider (if it is not already
there)
- try {
- Security.addProvider((java.security.Provider)
-
Class.forName("com.sun.net.ssl.internal.ssl.Provider").newInstance());
- } catch (Throwable t) {
- ;
- }
-
// Create an SSL context used to create an SSL socket factory
SSLContext context = SSLContext.getInstance(protocol);
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
