You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by cc...@apache.org on 2001/09/30 22:57:23 UTC
cvs commit: jakarta-tomcat/src/share/org/apache/tomcat/util/net SSLSocketFactory.java
ccain 01/09/30 13:57:23
Modified: src/etc prof-server.xml server.xml
src/share/org/apache/tomcat/util/net SSLSocketFactory.java
Log:
Minor cleanup of SSL standalone instructions and comments, mostly to remove
outdated java.security provider step. Revamped tomcat-ssl-howto.html to
follow shortly.
Revision Changes Path
1.3 +9 -11 jakarta-tomcat/src/etc/prof-server.xml
Index: prof-server.xml
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/etc/prof-server.xml,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- prof-server.xml 2001/06/09 03:18:17 1.2
+++ prof-server.xml 2001/09/30 20:57:23 1.3
@@ -59,20 +59,18 @@
minSpareThreads="10" />
<!--
- Uncomment this for SSL support.
- You _need_ to set up a server certificate if you want this
- to work, and you need JSSE.
- 1. Add JSSE jars to CLASSPATH
- 2. Edit java.home/jre/lib/security/java.security
- Add:
- security.provider.2=com.sun.net.ssl.internal.ssl.Provider
- 3. Do: keytool -genkey -alias tomcat -keyalg RSA
+ Uncomment this for SSL support. You _need_ to set up a
+ server certificate if you want this to work, and you
+ need JSSE. See tomcat-ssl-howto.html for more detailed
+ instructions.
+
+ 1. Make the JSSE jars available to Tomcat, either by making
+ them an installed extension or by adding them to the
+ Tomcat CLASSPATH.
+ 2. Do: keytool -genkey -alias tomcat -keyalg RSA
RSA is essential to work with Netscape and IIS.
Use "changeit" as password. ( or add keypass attribute )
You don't need to sign the certificate.
-
- You can set parameter keystore and keypass if you want
- to change the default ( user.home/.keystore with changeit )
-->
<!--
<RequestInterceptor
1.91 +9 -11 jakarta-tomcat/src/etc/server.xml
Index: server.xml
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/etc/server.xml,v
retrieving revision 1.90
retrieving revision 1.91
diff -u -r1.90 -r1.91
--- server.xml 2001/09/08 20:08:31 1.90
+++ server.xml 2001/09/30 20:57:23 1.91
@@ -188,20 +188,18 @@
minSpareThreads="10" />
<!--
- Uncomment this for SSL support.
- You _need_ to set up a server certificate if you want this
- to work, and you need JSSE.
- 1. Add JSSE jars to CLASSPATH
- 2. Edit java.home/jre/lib/security/java.security
- Add:
- security.provider.2=com.sun.net.ssl.internal.ssl.Provider
- 3. Do: keytool -genkey -alias tomcat -keyalg RSA
+ Uncomment this for SSL support. You _need_ to set up a
+ server certificate if you want this to work, and you
+ need JSSE. See tomcat-ssl-howto.html for more detailed
+ instructions.
+
+ 1. Make the JSSE jars available to Tomcat, either by making
+ them an installed extension or by adding them to the
+ Tomcat CLASSPATH.
+ 2. Do: keytool -genkey -alias tomcat -keyalg RSA
RSA is essential to work with Netscape and IIS.
Use "changeit" as password. ( or add keypass attribute )
You don't need to sign the certificate.
-
- You can set parameter keystore and keypass if you want
- to change the default ( user.home/.keystore with changeit )
-->
<!--
<Http10Connector port="8443" secure="true" />
1.3 +4 -7 jakarta-tomcat/src/share/org/apache/tomcat/util/net/SSLSocketFactory.java
Index: SSLSocketFactory.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/util/net/SSLSocketFactory.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- SSLSocketFactory.java 2000/10/06 05:19:20 1.2
+++ SSLSocketFactory.java 2001/09/30 20:57:23 1.3
@@ -72,10 +72,10 @@
import javax.net.ssl.HandshakeCompletedEvent;
/*
- 1. Add Jsse's jars into jre/lib/ext
- 2. Edit java.security, add
- security.provider.2=com.sun.net.ssl.internal.ssl.Provider
- 3. keytool -genkey -alias tomcat -keyalg RSA
+ 1. Make the JSSE's jars available, either as an installed
+ extension (copy them into jre/lib/ext) or by adding
+ them to the Tomcat classpath.
+ 2. keytool -genkey -alias tomcat -keyalg RSA
Use "changeit" as password ( this is the default we use )
*/
@@ -146,9 +146,6 @@
*/
private void initProxy() throws IOException {
try {
- /** You should have this in java.security, but
- can't hurt to double check
- */
Security.addProvider (new sun.security.provider.Sun());
Security.addProvider (new com.sun.net.ssl.internal.ssl.Provider());