-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Diarmuid,
On 9/7/15 12:29 PM, dmccrthy wrote: > You were right. The issue was with the code our vendor supplied for > the Tomcat client webapp making outbound HTTPS connections. This > was not correctly overriding classes with the result that the > truststore and keystore environment settings were being completely > ignored. > > Thanks for your patience with this. It seems our vendor was not > paying enough attention to log files and had me convinced that the > issue was on our side. Your findings reiterating that it had to be > something else helped me a lot. Glad to help. Encrypted connections with Java requires a great deal of plumbing code and if it hasn't been done properly, it can make it impossible to use the library in the way you want. For instance, if you want to use a different trust store for TLS connections than whatever -Djavax.net.ssl.trustStore is set to, and the library doesn't support it, you are dead in the water: you have to get the library authors to re-write the code to support it. I had to do this a while back with my own client code and ended up liberally borrowing methods from Apache Tomcat to do it. Whoever did that code in the past made it very easy for me to follow in their footsteps. - -chris -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJV8DRIAAoJEBzwKT+lPKRYbdMQAJZBg3MRmcQevN8gwBiGST7K ubFN3uyKpOva/r8cO+qG+A3CRHd6ZW4gSe6ILxqopTxTNop+/NZuQycHSa3X+Rd+ Hd6nvMWyuXNyQe7v0U4PiZwSDyBWXw406c42B8lKo8vjuzpU7RYolkM43HkgHaLY X56BAP2IQXfjLwPcUUPl7VZF5nUTu0NtSoEqaVXeWWR11GGSw8P5u+5ZPVPo3f1l 5DwrCY3B/0d73CKbUB55Fj11QKG7rhHWYqzjVLXA87hBx1zlKSOIiu0MA2xb+IeM qbiyyI9CwTB6UIyCIsF7PzwUGlfBWLJwrv1eqn69uemqkOCIIxoZVkV8RuHWgFv8 5sZRcYCidlgztnIL9FsCfJRvqV8IxIwTFEZGgpzlXKvgkSiHohhjSd4KZJA1itc5 01X6K2ZW7jxWE/AYBAM21G1fjijPbXE+pcAQ+p+kP0CccPrM1O4PeDOVKjrjGGSR b9fbFG0ntW8Z4Dud/2NFvu8DwmNMZzv56kdvKD4H1G51YkTvM+jgub0koNacgnDS XlCPLdM6ihzLYe5bqyChB6aFpchCNaI3Q1KE02bV3IWXEKtSuqLq+ZtIWiEgGUsI mbOtq7h3OHsaHLPfB6Jgi0YXtL/ZXeWatHe0Cab4mL91H0wnWObU6+ly+tfLdC3Z JMenJy+1Pw2eU9HutmDZ =LRWm -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
