You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by bu...@apache.org on 2016/04/21 16:02:13 UTC

[Bug 59344] PEM file support for JSSE

https://bz.apache.org/bugzilla/show_bug.cgi?id=59344

--- Comment #1 from Emmanuel Bourg <eb...@apache.org> ---
Created attachment 33788
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=33788&action=edit
PEM support implementation

Here is a patch implementing this feature:
- SSLHostConfigCertificate is modified to accept certificateFile,
certificateChainFile and certificateKeyFile with JSSE
- The HTTP connector documentation is updated accordingly
- A new package private class org.apache.tomcat.util.net.jsse.PEMFile is added
to handle the PEM file parsing and decoding. It supports PKCS#8 private keys
only.
- JSSEUtil.getKeyManagers() is modified to create an in-memory keystore
initialized with the PEM files when the certificateFile is specified.
- TesterSupport is modified to make it possible to initialize SSL with PEM
files even when the APR connector isn't used.
- TestSsl is extended to test SSL with plain text and encrypted keys. It is
missing a test with a certificate chain file to cover all the cases (the test
certificate being self signed it has no intermediary CA).

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org