jean-frederic clere wrote:
>
> And the keystorePass is in server.xml but that is well know.
> We should avoid things like "security through obscurancy"
JF, I like you better and better every time you post :)
- Christopher
/**
* Pleurez, pleurez, mes yeux, et fondez vous en eau!
* La moi
Larry Isaacs wrote:
>
>>-Original Message-
>>From: jean-frederic clere [mailto:[EMAIL PROTECTED]]
>>Sent: Tuesday, September 25, 2001 9:22 AM
>>To: [EMAIL PROTECTED]
>>Subject: Re: [PATCH] SSL how-to documentation
>>
> [Snip]
>
>>
&
> -Original Message-
> From: jean-frederic clere [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, September 25, 2001 9:22 AM
> To: [EMAIL PROTECTED]
> Subject: Re: [PATCH] SSL how-to documentation
[Snip]
>
>
> And the keystorePass is in server.xml but that is well
Attila Szegedi wrote:
>
> A quick look inside the source code of sun.security.provider.JavaKeyStore reveals
>the following line in the getPreKeyedHash() method:
>
> md.update("Mighty Aphrodite".getBytes("UTF8"));
>
> Background: They're storing a MD5 hash of the password in the keystore to en
A quick look inside the source code of sun.security.provider.JavaKeyStore reveals the
following line in the getPreKeyedHash() method:
md.update("Mighty Aphrodite".getBytes("UTF8"));
Background: They're storing a MD5 hash of the password in the keystore to ensure the
keystore was not tampered.
Ahh ... I see. It needs to be the same JDK where JSSE was installed in order to
specify RSA as the algorithm.
Applied the patches. Thanks!
Quoting Patrick Luby <[EMAIL PROTECTED]>:
> Christopher,
>
> You are correct that this problem has nothing to do with Tomcat.
> Instead, it is a merely a p
Christopher,
You are correct that this problem has nothing to do with Tomcat.
Instead, it is a merely a problem that comes from having more than 1 JDK
installation on your local host.
Specifically, the problem I described shows up on Unix platforms where
your $PATH environment variable points to
Hi Patrick. Could you explain this a little further? Actually creating a
keystore using keytool of course has nothing to do with Tomcat per se, so I
assume you mean that the keystore created might not work with Tomcat. Under
what conditions would a keystore generated by one JDK not work with an
