Am Mittwoch, 10. Dezember 2003 06:59 schrieb Bill Barker: > "Ankur Shah" <[EMAIL PROTECTED]> wrote in message > news:[EMAIL PROTECTED] > > > Remy Maucherat wrote: > > > Baer Peter Christoph Alexander wrote: > > >> Hi! > > >> > > >> I have a question about something, I observe, but don't > > >> want to believe... ;-) > > >> > > >> Tomcat 5 can use my keystore, but only if the password is > > >> "changeit", the default password. Now, the docs say, one > > >> should use this, but with TC 4.0.6 it was possible to > > >> change it. Is the password hard coded in TC 5? > > > > > > I didn't test that particular feature myself, but I believe this works > > > ok. > > > The way connectors parameters (and in particular SSL parameters) are > > > defined changed in TC 5.0.x. Look there: > > > http://jakarta.apache.org/tomcat/tomcat-5.0-doc/config/coyote.html > > > There's the SSL howto also. > > > > Also, you might want to make sure that the password of your *target key* > > matches your keystore password. I'm not sure how that plays out in > > tomcat world, but I can see that to be a problem if the server assumes > > the key's password to be the same as that of the keystore. > > This is a true fact :(. At the moment, the keystore password must match > the password for the target-key. It would be nice to be able to specify > different passwords, and someday it may even happen :). If this feature is > important to you, patches are always welcome (since this is the only way > that it will move up in my development queue). >
Hi, thanks again for your valuable assistance. (1) Thanks, Remy, for the hint with the changed SSL attributes. I already had removed a <FACTORY> tag for the SSL factory class, but I had overlooked that an attribute name was changed from "Protocol" to "sslProtocol". That was it! (2) I agree with you, Ankur. I also think that the key should be allowed to have another password than the keystore. This would be a prerequisite to store more than one key in a keystore. It's not a big problem, though... Best wishes, Alex --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]