You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2017/12/13 12:31:27 UTC

svn commit: r1818004 - in /tomcat/trunk: java/org/apache/catalina/manager/LocalStrings.properties java/org/apache/catalina/manager/ManagerServlet.java webapps/docs/manager-howto.xml

Author: markt
Date: Wed Dec 13 12:31:27 2017
New Revision: 1818004

URL: http://svn.apache.org/viewvc?rev=1818004&view=rev
Log:
Expand fix for BZ 61566 to the script interface as well as the HTML interface.

Modified:
    tomcat/trunk/java/org/apache/catalina/manager/LocalStrings.properties
    tomcat/trunk/java/org/apache/catalina/manager/ManagerServlet.java
    tomcat/trunk/webapps/docs/manager-howto.xml

Modified: tomcat/trunk/java/org/apache/catalina/manager/LocalStrings.properties
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/manager/LocalStrings.properties?rev=1818004&r1=1818003&r2=1818004&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/manager/LocalStrings.properties (original)
+++ tomcat/trunk/java/org/apache/catalina/manager/LocalStrings.properties Wed Dec 13 12:31:27 2017
@@ -114,6 +114,8 @@ managerServlet.sessiontimeout.unlimited=
 managerServlet.sessiontimeout.expired=[{0}] minutes: [{1}] sessions were expired
 managerServlet.sessions=OK - Session information for application at context path [{0}]
 managerServlet.sslConnectorCiphers=OK - Connector / SSL Cipher information
+managerServlet.sslConnectorCerts=OK - Connector / Certificate Chain information
+managerServlet.sslConnectorTrustedCerts=OK - Connector / Trusted Certificate information
 managerServlet.started=OK - Started application at context path [{0}]
 managerServlet.startFailed=FAIL - Application at context path [{0}] could not be started
 managerServlet.stopped=OK - Stopped application at context path [{0}]

Modified: tomcat/trunk/java/org/apache/catalina/manager/ManagerServlet.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/manager/ManagerServlet.java?rev=1818004&r1=1818003&r2=1818004&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/manager/ManagerServlet.java (original)
+++ tomcat/trunk/java/org/apache/catalina/manager/ManagerServlet.java Wed Dec 13 12:31:27 2017
@@ -373,6 +373,10 @@ public class ManagerServlet extends Http
             threadDump(writer, smClient, request.getLocales());
         } else if (command.equals("/sslConnectorCiphers")) {
             sslConnectorCiphers(writer, smClient);
+        } else if (command.equals("/sslConnectorCerts")) {
+            sslConnectorCerts(writer, smClient);
+        } else if (command.equals("/sslConnectorTrustedCerts")) {
+            sslConnectorTrustedCerts(writer, smClient);
         } else {
             writer.println(smClient.getString("managerServlet.unknownCommand",
                     command));
@@ -565,10 +569,9 @@ public class ManagerServlet extends Http
         writer.print(Diagnostics.getThreadDump(requestedLocales));
     }
 
-    protected void sslConnectorCiphers(PrintWriter writer,
-            StringManager smClient) {
-        writer.println(smClient.getString(
-                "managerServlet.sslConnectorCiphers"));
+
+    protected void sslConnectorCiphers(PrintWriter writer, StringManager smClient) {
+        writer.println(smClient.getString("managerServlet.sslConnectorCiphers"));
         Map<String,List<String>> connectorCiphers = getConnectorCiphers();
         for (Map.Entry<String,List<String>> entry : connectorCiphers.entrySet()) {
             writer.println(entry.getKey());
@@ -578,6 +581,30 @@ public class ManagerServlet extends Http
             }
         }
     }
+
+
+    private void sslConnectorCerts(PrintWriter writer, StringManager smClient) {
+        writer.println(smClient.getString("managerServlet.sslConnectorCerts"));
+        Map<String,List<String>> connectorCerts = getConnectorCerts();
+        for (Map.Entry<String,List<String>> entry : connectorCerts.entrySet()) {
+            writer.println(entry.getKey());
+            for (String cert : entry.getValue()) {
+                writer.println(cert);
+            }
+        }
+    }
+
+
+    private void sslConnectorTrustedCerts(PrintWriter writer, StringManager smClient) {
+        writer.println(smClient.getString("managerServlet.sslConnectorTrustedCerts"));
+        Map<String,List<String>> connectorTrustedCerts = getConnectorTrustedCerts();
+        for (Map.Entry<String,List<String>> entry : connectorTrustedCerts.entrySet()) {
+            writer.println(entry.getKey());
+            for (String cert : entry.getValue()) {
+                writer.println(cert);
+            }
+        }
+    }
 
 
     /**

Modified: tomcat/trunk/webapps/docs/manager-howto.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/manager-howto.xml?rev=1818004&r1=1818003&r2=1818004&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/manager-howto.xml (original)
+++ tomcat/trunk/webapps/docs/manager-howto.xml Wed Dec 13 12:31:27 2017
@@ -851,7 +851,7 @@ has been reloaded several times, it may
 
 </subsection>
 
-<subsection name="Connector SSL/TLS diagnostics">
+<subsection name="Connector SSL/TLS cipher information">
 
 <source>http://localhost:8080/manager/text/sslConnectorCiphers</source>
 
@@ -871,6 +871,49 @@ Connector[HTTP/1.1-8443]
   ...</source>
 
 </subsection>
+
+<subsection name="Connector SSL/TLS certificate chain information">
+
+<source>http://localhost:8080/manager/text/sslConnectorCerts</source>
+
+<p>The SSL Connector/Certs diagnostic lists the certificate chain that is
+currently configured for each virtual host.</p>
+
+<p>The response will look something like this:</p>
+<source>OK - Connector / Certificate Chain information
+Connector[HTTP/1.1-8080]
+SSL is not enabled for this connector
+Connector[HTTP/1.1-8443]-_default_-RSA
+[
+[
+  Version: V3
+  Subject: CN=localhost, OU=Apache Tomcat PMC, O=The Apache Software Foundation, L=Wakefield, ST=MA, C=US
+  Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11
+  ...</source>
+
+</subsection>
+
+<subsection name="Connector SSL/TLS trusted certificate information">
+
+<source>http://localhost:8080/manager/text/sslConnectorTrustedCerts</source>
+
+<p>The SSL Connector/Certs diagnostic lists the trusted certificates that are
+currently configured for each virtual host.</p>
+
+<p>The response will look something like this:</p>
+<source>OK - Connector / Trusted Certificate information
+Connector[HTTP/1.1-8080]
+SSL is not enabled for this connector
+Connector[AJP/1.3-8009]
+SSL is not enabled for this connector
+Connector[HTTP/1.1-8443]-_default_
+[
+[
+  Version: V3
+  Subject: CN=Apache Tomcat Test CA, OU=Apache Tomcat PMC, O=The Apache Software Foundation, L=Wakefield, ST=MA, C=US
+  ...</source>
+
+</subsection>
 
 <subsection name="Thread Dump">
 



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org