-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Dan,
On 11/7/13, 2:43 PM, Daniel Mikusa wrote: > On Nov 7, 2013, at 2:08 PM, Crystal Maramba > <cmara...@acumenllc.com> wrote: > >> Thanks, Dan. That helps a lot. > > Please don't top post. Reply inline or at the bottom. > >> 2) a. I was referring to importing another certificate to the >> same .keystore that Instance1 is using. > > A keystore file can contain multiple certificates. You just need > to specify which certificate to use and that is done by specifying > the "keyAlias" attribute on your connector. > >> 3) The tomcat-users.xml file is used to store the user and >> password for the tomcat manager which is used to deploy .war >> files. > > Ignore what I previously wrote here. You can store hashes of your > password in tomcat-users.xml. To do this, you need to add the > "digest" attribute on your Realm. For the default configuration > that would look like this. Note that Tomcat uses a bare cryptographic digest, and not anything more industrial-strength such as a "password derivation" function like bcrypt/scrypt/PBKDF2. As such, your tomcat-users.xml file will be vulnerable to rainbow-attacks, etc. if stolen. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.15 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJSfAizAAoJEBzwKT+lPKRYDIYP/A+b92pYcR9Z3wNCUiiJCa9J 4raZqaBsIgTnXDX+d5Q+PdMmcyX6bru5KYi2iz+GsXToQMKOJSzCAnZTUjiNpiAI O3C/x5Rcw0jaICIFhAmX4WMlOio2vN7aiIgVv5HDHVgB3b3h4bjhNeDQF9rsSsN5 HOSOak3fpeBz9cp3hVAc7QGskwbsgfzDBIorj/QGecyZAWnXWt0+ZEaXuJjCLrow LsQ2OnyElxxE3wpaPDXZfaf4lzN1Er0qX9ofiVmUEH7SQm2/iR3zQXGzNGYxyUQb fVbH71euT96WG+ilV2UghVJLGMtKVv5fIjBaB0RAe8LslodmVZpNHl4Uw8i2/4X1 UPMLGfeYLuwNn2PGh/L/JC7y9B2jOACo8mrIMLRmSmqYeNydyZiWx3yg/xqu8ifv a6hE69tqwWiq6Ukfit4/b3RgOBeh1N20QLd6R/IOTO0stgUH2y7ajXFzirqdOy8N EknoSc1cuBqtvEq6tpn6MbeZUYexNKLD+V6QH3GOb9CMp8AbF8cRZpt6fkpdTXIX wvLtW+PAfzSgq/De8ncmPOytekTsc5CHwzvolEhMc+2posw0OY875CJotHUnJgJ0 8nKE7TwlKRUZiJyC5W/eufERqY3KMS+imkh7zwmaOyK2Q8RH10zLpILLHplMDzzh cu/oXnlGRqNTv0pmxvPo =l2cb -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
