Am Mittwoch, 10. Dezember 2003 06:59 schrieb Bill Barker:
> "Ankur Shah" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]
>
> > Remy Maucherat wrote:
> > > Baer Peter Christoph Alexander wrote:
> > >> Hi!
> > >>
> > >> I have a question about something, I observe, but don't
> > >> want to believe... ;-)
> > >>
> > >> Tomcat 5 can use my keystore, but only if the password is
> > >> "changeit", the default password. Now, the docs say, one
> > >> should use this, but with TC 4.0.6 it was possible to
> > >> change it. Is the password hard coded in TC 5?
> > >
> > > I didn't test that particular feature myself, but I believe this works
> > > ok.
> > > The way connectors parameters (and in particular SSL parameters) are
> > > defined changed in TC 5.0.x. Look there:
> > > http://jakarta.apache.org/tomcat/tomcat-5.0-doc/config/coyote.html
> > > There's the SSL howto also.
> >
> > Also, you might want to make sure that the password of your *target key*
> > matches your keystore password. I'm not sure how that plays out in
> > tomcat world, but I can see that to be a problem if the server assumes
> > the key's password to be the same as that of the keystore.
>
> This is a true fact :(. At the moment, the keystore password must match
> the password for the target-key. It would be nice to be able to specify
> different passwords, and someday it may even happen :). If this feature is
> important to you, patches are always welcome (since this is the only way
> that it will move up in my development queue).
>
Hi, thanks again for your valuable assistance.
(1) Thanks, Remy, for the hint with the changed SSL attributes.
I already had removed a <FACTORY> tag for the SSL factory class, but
I had overlooked that an attribute name was changed from "Protocol" to
"sslProtocol". That was it!
(2) I agree with you, Ankur. I also think that the key should be allowed
to have another password than the keystore. This would be a prerequisite
to store more than one key in a keystore. It's not a big problem, though...
Best wishes,
Alex
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
