Hello Everyone,
I have successfully modified a java.security file to
allow an SSL connection for a Tomcat server but now
want to have those changes applied only for my Tomcat
startup (i.e. not change the JVM's java.security
file). I found some documentation that said you could
provide your own security properties file via the
command line using an option like this:
Djava.security.policy==$CATALINA_HOME/conf/my_app.security
But after trying it out and doing some more reading it
looks like this only allows you to change the access
rights and security settings for your java components,
not the JVM's configuration itself. So then I tried
specifying the values I wanted changed via my
CATALINA_OPTS in startup.sh like so:
export -s
CATALINA_OPTS="-Dsecurity.provider.1=sun.security.provider.Sun
-Dsecurity.provider.2=com.ibm.crypto.provider.IBMJCE
.
.
.
-Dkeystore.type=JKS
-Dssl.KeyManagerFactory.algorithm=IbmX509
-Dssl.TrustManagerFactory.algorithm=IbmX509
-Dssl.SocketFactory.provider=com.ibm.jsse.JSSESocketFactory
-Dssl.ServerSocketFactory.provider=com.ibm.jsse.JSSEServerSocketFactory"
But that doesn't seem to work (I wasn't too surprised
at this). I posted this same question on Sun's Java
JSSE forum earlier today but that seems rather dead
and I haven't seen a reply yet. I would think this
would be a relatively normal thing to want to do as
most people wouldn't want their defualt java.security
file messed with just for one application.
Is there a way to specify these values via the command
line rather than changing the users java.security
file?
Any help or pointers to information would be great.
Thanks,
Jason
__________________________________
Do you Yahoo!?
Yahoo! Tax Center - File online by April 15th
http://taxes.yahoo.com/filing.html
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
