You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by bu...@apache.org on 2012/04/28 10:30:34 UTC

[Bug 38774] try using keyStorePassword property if set

https://issues.apache.org/bugzilla/show_bug.cgi?id=38774

--- Comment #3 from Dmitry Shikhaleev <ds...@gmail.com> ---
Hi,

The change has broken ability to use different key stores for SSL RMI and SSL
HTTP on the same host.

"keystorePass" attribute specified in Tomcat config is get replaced with
"keypass" attribute by Catalina. In org.apache.catalina.connector.Connector
there is the following code:

protected static HashMap replacements = new HashMap();
     static {
         replacements.put("acceptCount", "backlog");
         replacements.put("connectionLinger", "soLinger");
         replacements.put("connectionTimeout", "soTimeout");
         replacements.put("connectionUploadTimeout", "timeout");
         replacements.put("clientAuth", "clientauth");
         replacements.put("keystoreFile", "keystore");
         replacements.put("randomFile", "randomfile");
         replacements.put("rootFile", "rootfile");
         replacements.put("keystorePass", "keypass");
         replacements.put("keystoreType", "keytype");
         replacements.put("sslProtocol", "protocol");
         replacements.put("sslProtocols", "protocols");
     }

    /**
     * Set a configured property.
     */
    public void setProperty(String name, String value) {
        String repl = name;
        if (replacements.get(name) != null) {
            repl = (String) replacements.get(name);
        }
        IntrospectionUtils.setProperty(protocolHandler, repl, value);
    }

As the result, in JSSESocketFactory "keystorePass" attribute is never set. 

Before the change, "keypass" was used, now "javax.net.ssl.keyStorePassword".
But the latter contains password for key store specified by
"javax.net.ssl.keyStore" property.

-- 
You are receiving this mail because:
You are the assignee for the bug.