SSL keystore with more than one key entry - which alias is used?

[John Ryan-Brown <jo...@gmail.com>]

If the keystore that Tomcat uses contains more than one entry where
Entry type = keyEntry, how does Tomcat choose which one to use when
sending a certificate to the client?

It seems as though the alias name is not significant - any alias will do.

After some experimenting it seems it uses the first one found.
Is this correct?
Or is some other method used?

Thanks for your time.

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

Re: SSL keystore with more than one key entry - which alias is used?

[Paul Singleton <pa...@jbgb.com>]

John Ryan-Brown wrote:
> If the keystore that Tomcat uses contains more than one entry where
> Entry type = keyEntry, how does Tomcat choose which one to use when
> sending a certificate to the client?

Dunno but there is an undocumented Connector attribute
keyAlias="myalias" which works with 5.5.9 and which means
you (probably) don't need an answer to your question

Paul Singleton

PS don't believe rumours that it always offers the cert
with alias 'tomcat'


-- 
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.323 / Virus Database: 267.7.7/20 - Release Date: 16/Jun/2005


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org