[jboss-user] [Tomcat, HTTPD, Servlets & JSP] - Re: Can JBoss/Tomcat use specific alias from keystore (keyal
krishnakumars
do-not-reply at jboss.com
Wed Nov 14 22:43:36 EST 2007
The earlier post was missing the Connector extracts. Reposting.
----------
We use JBossSX's support for PBESecurityDomain in our Tomcat Connector. Our Connector element looks like this:
<Connector port="8445" address="${jboss.bind.address}"
| maxThreads="100" minSpareThreads="5" maxSpareThreads="15"
| scheme="https" secure="true" clientAuth="false"
| sslProtocol = "SSL"
| ciphers="SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_RSA_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_AES_256_CBC_SHA"
| securityDomain="java:/jaas/encrypt-keystore-password"
| SSLImplementation="org.jboss.net.ssl.JBossImplementation" />
|
Our Keystore has multiple aliases in it. By default Tomcat uses the first keystore alias it finds.
I need to change this behavior so Tomcat uses a specific alias. Tomcat standalone supports an attribute of keyAlias in the Connector element. I changed above to look like :
<Connector port="8445" address="${jboss.bind.address}"
| maxThreads="100" minSpareThreads="5" maxSpareThreads="15"
| scheme="https" secure="true" clientAuth="false"
| sslProtocol = "SSL"
| ciphers="SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_RSA_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_AES_256_CBC_SHA"
| securityDomain="java:/jaas/encrypt-keystore-password"
| SSLImplementation="org.jboss.net.ssl.JBossImplementation"
| keyAlias="cgss_server_app" />
|
However, JBoss doesn't seem to pick up the keyAlias attribute.
What am I doing wrong? Does JBoss recognize and honor the keyAlias attribute?
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4104829#4104829
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4104829
More information about the jboss-user
mailing list