You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2023/02/15 20:26:08 UTC
[tomcat] branch 10.1.x updated: Use a constant for the default certificate alias
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.1.x by this push:
new 789d707450 Use a constant for the default certificate alias
789d707450 is described below
commit 789d707450cb1efec5ff2f87cb44f40bdc9d58eb
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Wed Feb 15 20:25:21 2023 +0000
Use a constant for the default certificate alias
---
java/org/apache/catalina/manager/ManagerServlet.java | 3 ++-
java/org/apache/tomcat/util/net/SSLUtilBase.java | 2 +-
java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java | 5 +++--
3 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/java/org/apache/catalina/manager/ManagerServlet.java b/java/org/apache/catalina/manager/ManagerServlet.java
index 827ee0a87e..8856a983f4 100644
--- a/java/org/apache/catalina/manager/ManagerServlet.java
+++ b/java/org/apache/catalina/manager/ManagerServlet.java
@@ -73,6 +73,7 @@ import org.apache.tomcat.util.modeler.Registry;
import org.apache.tomcat.util.net.SSLContext;
import org.apache.tomcat.util.net.SSLHostConfig;
import org.apache.tomcat.util.net.SSLHostConfigCertificate;
+import org.apache.tomcat.util.net.SSLUtilBase;
import org.apache.tomcat.util.res.StringManager;
import org.apache.tomcat.util.security.Escape;
@@ -1715,7 +1716,7 @@ public class ManagerServlet extends HttpServlet implements ContainerServlet {
SSLContext sslContext = sslHostConfigCert.getSslContext();
String alias = sslHostConfigCert.getCertificateKeyAlias();
if (alias == null) {
- alias = "tomcat";
+ alias = SSLUtilBase.DEFAULT_KEY_ALIAS;
}
X509Certificate[] certs = sslContext.getCertificateChain(alias);
if (certs == null) {
diff --git a/java/org/apache/tomcat/util/net/SSLUtilBase.java b/java/org/apache/tomcat/util/net/SSLUtilBase.java
index 4677fadbb7..c1988834e4 100644
--- a/java/org/apache/tomcat/util/net/SSLUtilBase.java
+++ b/java/org/apache/tomcat/util/net/SSLUtilBase.java
@@ -70,7 +70,7 @@ public abstract class SSLUtilBase implements SSLUtil {
private static final Log log = LogFactory.getLog(SSLUtilBase.class);
private static final StringManager sm = StringManager.getManager(SSLUtilBase.class);
- protected static final String DEFAULT_KEY_ALIAS = "tomcat";
+ public static final String DEFAULT_KEY_ALIAS = "tomcat";
protected final SSLHostConfig sslHostConfig;
protected final SSLHostConfigCertificate certificate;
diff --git a/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java b/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
index 9f09959e7a..6ceaf89bb5 100644
--- a/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
+++ b/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
@@ -53,6 +53,7 @@ import org.apache.tomcat.util.net.SSLHostConfig;
import org.apache.tomcat.util.net.SSLHostConfig.CertificateVerification;
import org.apache.tomcat.util.net.SSLHostConfigCertificate;
import org.apache.tomcat.util.net.SSLHostConfigCertificate.Type;
+import org.apache.tomcat.util.net.SSLUtilBase;
import org.apache.tomcat.util.res.StringManager;
public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext {
@@ -482,7 +483,7 @@ public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext {
String alias = certificate.getCertificateKeyAlias();
X509KeyManager x509KeyManager = certificate.getCertificateKeyManager();
if (alias == null) {
- alias = "tomcat";
+ alias = SSLUtilBase.DEFAULT_KEY_ALIAS;
}
X509Certificate[] chain = x509KeyManager.getCertificateChain(alias);
if (chain == null) {
@@ -599,7 +600,7 @@ public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext {
X509KeyManager x509KeyManager = certificate.getCertificateKeyManager();
if (x509KeyManager != null) {
if (alias == null) {
- alias = "tomcat";
+ alias = SSLUtilBase.DEFAULT_KEY_ALIAS;
}
chain = x509KeyManager.getCertificateChain(alias);
if (chain == null) {
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org