You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2015/03/28 16:30:13 UTC
[Bug 57759] Clarify keyAlias definition to reduce likelihood of
readers making invalid assumptions
https://bz.apache.org/bugzilla/show_bug.cgi?id=57759
Mark Thomas <ma...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Severity|normal |enhancement
Summary|keyAlias definition is |Clarify keyAlias definition
|incorrect, does not appear |to reduce likelihood of
|to work properly |readers making invalid
| |assumptions
--- Comment #1 from Mark Thomas <ma...@apache.org> ---
(In reply to Andrew Lane Carr from comment #0)
> keyAlias Definition from:
>
> https://tomcat.apache.org/tomcat-7.0-doc/config/http.html
>
> The alias used to for the server certificate in the keystore. If not
> specified the first key read in the keystore will be used.
>
> Wouldn't this lead you to believe if no alias is specified it will use the
> first key in the keystore?
No. The documentation states the first key read from the keystore is used. It
makes no statements regarding the relationship between the order the keys were
added to the store, the order the keys are stored in the store (if such a
concept makes sense - depening on the keystore it may not) and the order the
keys are read from the keystore. All of which will depend on the
implementation.
We can add a note to the documentation to clarify the above to reduce the
chances of future users making such invalid assumptions.
Generally, unless there is only a single key in the key store, it is advisable
to specify an alias. This advice can be added to the docs as well.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org