On 26/10/2023 11:05, yanyizhong wrote:
Hi Tomcat team,
Version: Tomcat 10.1.15
I am trying to upgrade Tomcat from version 9.0.56 into 10.1.15, and found that
there is no setKeystorePass(String) method in tomcat 10.1.15.
As we want to use the custom keystore encryption password in server.xml like
this:
<Connector prt="8080" protocol="test.CustomHttp11Nio2Protocol"
chiphhers="TLS_ECDHE_RSA_WITH_AES_123_GCM_SHA256"
keystoreFile="E:\tes.jks"
keystorePass="xsdfdfdsfdfxdf(encryption password)"
keystoreType"JKS" />
And this "encrypted" password is "decrypted" how?
https://cwiki.apache.org/confluence/display/TOMCAT/Password
(Hint: this is a waste of time from a security perspective.)
If you can find a way to make this work then you are welcome to use it
but I am sure as I can be that if source code changes are required in
Tomcat to make this work they won't be happening.
I suspect the way to do this (if you really must) would be via a custom
PropertySource. If you look at the existing implementations then you
should have enough hints to put together an implementation that looks
for "enc:...." and "decrypts" what it finds.
Note that org.apache.tomcat.util.digester.PROPERTY_SOURCE multiple
values, separated by commas.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
