Hello, I am not sure what you are asking for here. You say that you fond some instructions on "Creating Your Own X509TrustManager" ... thats good. 1) Given that you have these instructions, whats the issue at hand? Conceptually (and without even looking at any content other than the title) I would chime-in and say that it sounds like ... if you can create your own TrustManager then you most likely make dynamic additions to it. 2) Or may be you have yet to implement any such solution and are still lookign for pre-provided alternatives?
There are always modules like EJBCA(http://ejbca.sourceforge.net/) that you might want to have a look at, I think it can be deployed on Tomcat. On 6/11/07, Ronald Spiers <[EMAIL PROTECTED]> wrote:
Hi, I am preparing a self enrollment webapp for generating client certificates and adding them to the server keystore. I know that Tomcat won't reload keystore unless the server is restarted, so I did look for alternatives, and the JSSE guide explains an approach to this in the section "Creating Your Own X509TrustManager". My question is: Does anybody in this list have some experience solving this problem?, providing tomcat a custom trust manager to dynamically add a client certificate to the verification path when client credentials are presented? Can self-enrollment be done using Tomcat and JSSE? maybe it can't be done I am just wasting my time ;) I have searched a lot in the last 3 days, tomcat list archives and other materials, I have not found a single solution to this problem, except for the JSSE guide and this article, that explains how to create a trustManager and a SSLContext for implementing S/MIME with JavaMail: * http://www.javaworld.com/javatips/jw-javatip115.html Thanks a lot for any feedback you can provide. Regards, Martin --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]