> From: Samuli Seppänen [mailto:[EMAIL PROTECTED] 
> Subject: Re: Tomcat 5.5 and SSL connector: keystore was 
> tampered with [SOLVED]
> 
> Tomcat SSL <Connector> entries accept the following parameters:
> - keystorePass (password for the JKS (Java keystore))
> - keypass (password for the key inside the JKS)
> - keystoreFile (keystore location in filesystem)

The problem with your analysis is that the keypass attribute is not in the 
Tomcat doc, and you've misinterpreted the code.  As currently implemented, the 
keypass attribute is simply an internal alias for keystorePass, nothing else.

Note the following from the SSL how-to:

"Finally, you will be prompted for the key password, which is the password 
specifically for this Certificate (as opposed to any other Certificates stored 
in the same keystore file). You MUST use the same password here as was used for 
the keystore password itself."

"Note: your private key password and keystore password should be the same."

If you want things to work differently, submit an enhancement request 
(preferably with a patch).

> At least on 5.5.20 the "keystoreFile" parameter has 
> to be inserted straight into <Connector>, contrary to 
> what the Howto says.

Where else does the doc say the keystoreFile attribute can be specified?  I 
can't find anything other than a comment about its default location, which 
seems to work fine.

 - Chuck
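
An added example, not part of the original message or of Tomcat: a keytool-based check that a key entry opens with the keystore password, the condition the how-to quoted above requires. The function names, the alias `tomcat` and the sample passwords are assumptions, and the keystores are throwaway sample data built on the spot.

```shell
#!/bin/sh
# Added example: verify that a JKS key entry uses the same password as the
# keystore itself. All names and passwords below are illustrative assumptions.

# Returns 0 if the private key under alias $2 in keystore $1 can be recovered
# with the store password $3. -certreq has to read the private key, and the
# explicit -keypass keeps keytool from prompting, so a mismatch (or a wrong
# store password) gives a non-zero exit status instead of a hang.
key_matches_store() {
    keytool -certreq -alias "$2" -keystore "$1" -storetype JKS \
        -storepass "$3" -keypass "$3" >/dev/null 2>&1 </dev/null
}

# Builds a throwaway JKS (constructed sample data) holding one self-signed
# key pair under alias "tomcat". $1=file $2=store password $3=key password
make_sample_store() {
    keytool -genkeypair -alias tomcat -keyalg RSA -keysize 2048 -validity 1 \
        -dname "CN=localhost" -keystore "$1" -storetype JKS \
        -storepass "$2" -keypass "$3" >/dev/null 2>&1
}

demo() {
    dir=$(mktemp -d) || return 1
    make_sample_store "$dir/same.jks" changeit changeit
    make_sample_store "$dir/diff.jks" changeit otherpw1
    for ks in same diff; do
        if key_matches_store "$dir/$ks.jks" tomcat changeit; then
            echo "$ks.jks: key password equals keystore password"
        else
            echo "$ks.jks: key not readable with the keystore password"
        fi
    done
    rm -rf "$dir"
}

# Run the demonstration only where a JDK's keytool is on the PATH.
if command -v keytool >/dev/null 2>&1; then
    demo
fi
```

Against a real keystore, call `key_matches_store` with the path given in keystoreFile, the key's alias and the keystorePass value.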

