I use tomcat 9.0.33 with windows10 home and amazon corretto jdk1.8.0_212.
Below a snapshot of two different Connector definitions in server.xml
<Connector port="443" connectionTimeout="20000" acceptCount="100"
maxThreads="150" SSLEnabled="true" scheme="https"
secure="true"
protocol="nl.messagedesign.tomcatlib.EncryptedPassword_Http11Nio2Protocol"
clientAuth="false" sslEnabledProtocols="TLSv1.2"
minSpareThreads="5"
enableLookups="true" disableUploadTimeout="true"
keystoreFile="C:/Users/Maarten/Certificaten/gm_messagedesign_nl2020.jks"
keystorePass="ZURV/6aoh/mLRxJGFhnvEpVZ7PoL72h3"
/>
<Connector acceptCount="100" connectionTimeout="20000"
disableUploadTimeout="true" enableLookups="true" maxThreads="150"
minSpareThreads="5" port="443"
protocol="nl.messagedesign.tomcatlib.EncryptedPassword_Http11Nio2Protocol"
SSLEnabled="true" scheme="https" secure="true">
<SSLHostConfig protocols="TLSv1.2">
<Certificate
certificateKeystoreFile="C:/Users/Maarten/Certificaten/gm_messagedesign_nl2020.jks"
certificateKeystorePassword="ZURV/6aoh/mLRxJGFhnvEpVZ7PoL72h3"
certificateKeystoreType="JKS"/>
</SSLHostConfig>
</Connector>
Using the first Connector everything is working fine. Debugging the
setKeystorePass method of the class
nl.messagedesign.tomcatlib.EncryptedPassword_Http11Nio2Protocol in the
protocol attribute shows that the encrypted password gets decrypted.
Using the second connector with the SSLHostConfig element instead of the
deprecated attributes debugging shows that the setKeystorePass method is
not called and I get errors for the incorrect password of the keystore.
What am I doing wrong in migrating to the configuration with the
SSLHostConfig element?
Sincerely yours, Maarten van den Broek
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
