You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2023/02/15 20:26:08 UTC

[tomcat] branch 10.1.x updated: Use a constant for the default certificate alias

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.1.x by this push:
     new 789d707450 Use a constant for the default certificate alias
789d707450 is described below

commit 789d707450cb1efec5ff2f87cb44f40bdc9d58eb
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Wed Feb 15 20:25:21 2023 +0000

    Use a constant for the default certificate alias
---
 java/org/apache/catalina/manager/ManagerServlet.java        | 3 ++-
 java/org/apache/tomcat/util/net/SSLUtilBase.java            | 2 +-
 java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java | 5 +++--
 3 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/java/org/apache/catalina/manager/ManagerServlet.java b/java/org/apache/catalina/manager/ManagerServlet.java
index 827ee0a87e..8856a983f4 100644
--- a/java/org/apache/catalina/manager/ManagerServlet.java
+++ b/java/org/apache/catalina/manager/ManagerServlet.java
@@ -73,6 +73,7 @@ import org.apache.tomcat.util.modeler.Registry;
 import org.apache.tomcat.util.net.SSLContext;
 import org.apache.tomcat.util.net.SSLHostConfig;
 import org.apache.tomcat.util.net.SSLHostConfigCertificate;
+import org.apache.tomcat.util.net.SSLUtilBase;
 import org.apache.tomcat.util.res.StringManager;
 import org.apache.tomcat.util.security.Escape;
 
@@ -1715,7 +1716,7 @@ public class ManagerServlet extends HttpServlet implements ContainerServlet {
                             SSLContext sslContext = sslHostConfigCert.getSslContext();
                             String alias = sslHostConfigCert.getCertificateKeyAlias();
                             if (alias == null) {
-                                alias = "tomcat";
+                                alias = SSLUtilBase.DEFAULT_KEY_ALIAS;
                             }
                             X509Certificate[] certs = sslContext.getCertificateChain(alias);
                             if (certs == null) {
diff --git a/java/org/apache/tomcat/util/net/SSLUtilBase.java b/java/org/apache/tomcat/util/net/SSLUtilBase.java
index 4677fadbb7..c1988834e4 100644
--- a/java/org/apache/tomcat/util/net/SSLUtilBase.java
+++ b/java/org/apache/tomcat/util/net/SSLUtilBase.java
@@ -70,7 +70,7 @@ public abstract class SSLUtilBase implements SSLUtil {
     private static final Log log = LogFactory.getLog(SSLUtilBase.class);
     private static final StringManager sm = StringManager.getManager(SSLUtilBase.class);
 
-    protected static final String DEFAULT_KEY_ALIAS = "tomcat";
+    public static final String DEFAULT_KEY_ALIAS = "tomcat";
 
     protected final SSLHostConfig sslHostConfig;
     protected final SSLHostConfigCertificate certificate;
diff --git a/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java b/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
index 9f09959e7a..6ceaf89bb5 100644
--- a/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
+++ b/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
@@ -53,6 +53,7 @@ import org.apache.tomcat.util.net.SSLHostConfig;
 import org.apache.tomcat.util.net.SSLHostConfig.CertificateVerification;
 import org.apache.tomcat.util.net.SSLHostConfigCertificate;
 import org.apache.tomcat.util.net.SSLHostConfigCertificate.Type;
+import org.apache.tomcat.util.net.SSLUtilBase;
 import org.apache.tomcat.util.res.StringManager;
 
 public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext {
@@ -482,7 +483,7 @@ public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext {
             String alias = certificate.getCertificateKeyAlias();
             X509KeyManager x509KeyManager = certificate.getCertificateKeyManager();
             if (alias == null) {
-                alias = "tomcat";
+                alias = SSLUtilBase.DEFAULT_KEY_ALIAS;
             }
             X509Certificate[] chain = x509KeyManager.getCertificateChain(alias);
             if (chain == null) {
@@ -599,7 +600,7 @@ public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext {
         X509KeyManager x509KeyManager = certificate.getCertificateKeyManager();
         if (x509KeyManager != null) {
             if (alias == null) {
-                alias = "tomcat";
+                alias = SSLUtilBase.DEFAULT_KEY_ALIAS;
             }
             chain = x509KeyManager.getCertificateChain(alias);
             if (chain == null) {


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org