Leon Rosenberg wrote:
On 6/2/06, Bill Barker <[EMAIL PROTECTED]> wrote:
TC 3.3.x had an optional module to do this. It never got ported.
I generally agree with most of the people that say that this is the
least of
your problems. If you are usings a self-signed cert, then you are just
getti
On 6/2/06, Bill Barker <[EMAIL PROTECTED]> wrote:
TC 3.3.x had an optional module to do this. It never got ported.
I generally agree with most of the people that say that this is the least of
your problems. If you are usings a self-signed cert, then you are just
getting what you deserve. Othe
TC 3.3.x had an optional module to do this. It never got ported.
I generally agree with most of the people that say that this is the least of
your problems. If you are usings a self-signed cert, then you are just
getting what you deserve. Otherwise, you simply contact the CA and revoke
the c
> From: David Wall [mailto:[EMAIL PROTECTED]
> What's the downside if someone who
> has access to your filesystem has access to the SSL cert
> keystore? They
> can remove and install certs, but I could do that anyway by
> putting in a
> new keystore. Somehow they'd need to take your keystor
Hi Eric:
I am sorry. I am a beginner of Tomcat. How does it work? Have the
current Tomcat already been doing that? Is it just put an encrypted
keystore password at the server.xml? or don't even mention any keystore
password at the server.xml at all?
Regards
Dickson
I don't think TC does thi
No, you just have the keystore encrypted with a password and _don't_
specify it in the config file. Then when tomcat starts up, and can't open
the keystore w/o a password, it knows it has to ask for it, but it isn't
stored anywhere on the machine. That's what apache httpd does if the
c
ssage-
From: Eric Haszlakiewicz [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 31, 2006 9:46 AM
To: Tomcat Users List
Cc: David Wall
Subject: Re: How to hide the keystorePass at the server.xml
On Tue, May 30, 2006 at 04:46:42PM -0700, David Wall wrote:
> A possible sounding solution would be to hav
On Tue, May 30, 2006 at 04:46:42PM -0700, David Wall wrote:
> A possible sounding solution would be to have tomcat start in a
> protected mode that requires an admin connect and enter a password
> before TC would allow the webapps to load. But even this would require
> that TC be configured to
Shankar Unni wrote:
Robert Harper wrote:
One thing to think of is that if you have to do that to protect it, then
everything else on that system is suspect.
Yeah, yeah. I used to use this argument a lot, too. But that's like
saying: if your harness isn't secure, then why bother with an
add
Robert Harper wrote:
One thing to think of is that if you have to do that to protect it, then
everything else on that system is suspect.
Yeah, yeah. I used to use this argument a lot, too. But that's like
saying: if your harness isn't secure, then why bother with an additional
safety net bel
One thing to think of is that if you have to do that to protect it, then
everything else on that system is suspect. You should have your settings so
that the user cannot browse your computer and they can not get to that area.
That will also secure the rest of your file system. If they can read the
11 matches
Mail list logo
