You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by Jack <ja...@hotmail.com> on 2006/01/23 17:39:17 UTC

please pickup this bug

please pick up this bug I report in
"There must be a bug in SSL support" in user group.

hi, guys don't waste it.
By the way, is there anybody know how can i make a link to a specific msg?

jackzhp@hotmail.com




---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org

Is this a bug or not?

Posted by Jack <ja...@hotmail.com>.

> Another of these useless messages and I will ban you.
Too bad to hear this.

Now I put everything here:
my ssl is ok, then I just add a new key to .keystore,
then my ssl doesn't work.
the client get the new key from the tomcat server.
after I delete the new key,
everything starts to work again.

With a little bit effort, i found that
In the getKeyManagers of org.apache.tomcat.util.net.jsse.JSSE14SocketFactory
we can see the following code:
        kms = kmf.getKeyManagers();
        if (keyAlias != null)
       {   if (JSSESocketFactory.defaultKeystoreType.equals(keystoreType))
           {  keyAlias = keyAlias.toLowerCase();
            }
            for(int i=0; i<kms.length; i++)
            {   kms[i] = new JSSEKeyManager((X509KeyManager)kms[i], 
keyAlias);
        }  }
        return kms;

When the keyAlias==null, we don't use our own JSSEKeyManager at all.
I believe that the for loop should be moved outside of the if statemet.

If I am right, pick it up.
If I am wrong, just let me know.
It is not my intention to spend my time to post useless messages.

jackzhp@hotmail.com




---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org

Re: please pickup this bug

Posted by Remy Maucherat <re...@apache.org>.

Jack wrote:
> please pick up this bug I report in
> "There must be a bug in SSL support" in user group.
> 
> hi, guys don't waste it.
> By the way, is there anybody know how can i make a link to a specific msg?

Another of these useless messages and I will ban you.

Rémy

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org