Hello All,
The below tag is used to for making use of keystore on snmartcard. It works fine <Connector port="443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" protocols="TLSv1" algorithm="SunX509" keystore="NONE" keystoreType="PKCS11" keystoreProvider="smartcard provider" keystorePass="XXXXXXXXX" /> But , What I want to make is to remove keystorePass="XXXXXXXXX" tag and give this keystore password when tomcat starts up. I presume this type of hardcoding in server.xml is security loop hole. Apache asks keystore password during its start up. Any suggestions to avoid the hard coding of the password in tomcat will appreciated. Thanks :-), Pramod TK