You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2023/02/15 20:26:17 UTC
[tomcat] branch 8.5.x updated: Use a constant for the default certificate alias
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 109447c35d Use a constant for the default certificate alias
109447c35d is described below
commit 109447c35d7b792baf1c25625135d64c6cc07b8e
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Wed Feb 15 20:25:21 2023 +0000
Use a constant for the default certificate alias
---
java/org/apache/catalina/manager/ManagerServlet.java | 3 ++-
java/org/apache/tomcat/util/net/SSLUtilBase.java | 2 +-
java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java | 5 +++--
3 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/java/org/apache/catalina/manager/ManagerServlet.java b/java/org/apache/catalina/manager/ManagerServlet.java
index ae9665bb29..fcaeaba66e 100644
--- a/java/org/apache/catalina/manager/ManagerServlet.java
+++ b/java/org/apache/catalina/manager/ManagerServlet.java
@@ -72,6 +72,7 @@ import org.apache.tomcat.util.modeler.Registry;
import org.apache.tomcat.util.net.SSLContext;
import org.apache.tomcat.util.net.SSLHostConfig;
import org.apache.tomcat.util.net.SSLHostConfigCertificate;
+import org.apache.tomcat.util.net.SSLUtilBase;
import org.apache.tomcat.util.res.StringManager;
import org.apache.tomcat.util.security.Escape;
@@ -1850,7 +1851,7 @@ public class ManagerServlet extends HttpServlet implements ContainerServlet {
SSLContext sslContext = sslHostConfigCert.getSslContext();
String alias = sslHostConfigCert.getCertificateKeyAlias();
if (alias == null) {
- alias = "tomcat";
+ alias = SSLUtilBase.DEFAULT_KEY_ALIAS;
}
X509Certificate[] certs = sslContext.getCertificateChain(alias);
if (certs == null) {
diff --git a/java/org/apache/tomcat/util/net/SSLUtilBase.java b/java/org/apache/tomcat/util/net/SSLUtilBase.java
index 4c1d268cc2..3866475469 100644
--- a/java/org/apache/tomcat/util/net/SSLUtilBase.java
+++ b/java/org/apache/tomcat/util/net/SSLUtilBase.java
@@ -69,7 +69,7 @@ public abstract class SSLUtilBase implements SSLUtil {
private static final Log log = LogFactory.getLog(SSLUtilBase.class);
private static final StringManager sm = StringManager.getManager(SSLUtilBase.class);
- protected static final String DEFAULT_KEY_ALIAS = "tomcat";
+ public static final String DEFAULT_KEY_ALIAS = "tomcat";
protected final SSLHostConfig sslHostConfig;
protected final SSLHostConfigCertificate certificate;
diff --git a/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java b/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
index 135dc3874a..cba63f00f6 100644
--- a/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
+++ b/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
@@ -52,6 +52,7 @@ import org.apache.tomcat.util.net.SSLHostConfig;
import org.apache.tomcat.util.net.SSLHostConfig.CertificateVerification;
import org.apache.tomcat.util.net.SSLHostConfigCertificate;
import org.apache.tomcat.util.net.SSLHostConfigCertificate.Type;
+import org.apache.tomcat.util.net.SSLUtilBase;
import org.apache.tomcat.util.res.StringManager;
public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext {
@@ -485,7 +486,7 @@ public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext {
String alias = certificate.getCertificateKeyAlias();
X509KeyManager x509KeyManager = certificate.getCertificateKeyManager();
if (alias == null) {
- alias = "tomcat";
+ alias = SSLUtilBase.DEFAULT_KEY_ALIAS;
}
X509Certificate[] chain = x509KeyManager.getCertificateChain(alias);
if (chain == null) {
@@ -606,7 +607,7 @@ public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext {
X509KeyManager x509KeyManager = certificate.getCertificateKeyManager();
if (x509KeyManager != null) {
if (alias == null) {
- alias = "tomcat";
+ alias = SSLUtilBase.DEFAULT_KEY_ALIAS;
}
chain = x509KeyManager.getCertificateChain(alias);
if (chain == null) {
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org