ccain 01/09/30 13:57:23 Modified: src/etc prof-server.xml server.xml src/share/org/apache/tomcat/util/net SSLSocketFactory.java Log: Minor cleanup of SSL standalone instructions and comments, mostly to remove outdated java.security provider step. Revamped tomcat-ssl-howto.html to follow shortly. Revision Changes Path 1.3 +9 -11 jakarta-tomcat/src/etc/prof-server.xml Index: prof-server.xml =================================================================== RCS file: /home/cvs/jakarta-tomcat/src/etc/prof-server.xml,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- prof-server.xml 2001/06/09 03:18:17 1.2 +++ prof-server.xml 2001/09/30 20:57:23 1.3 
@@ -59,20 +59,18 @@ minSpareThreads="10" /> <!-- - Uncomment this for SSL support. - You _need_ to set up a server certificate if you want this - to work, and you need JSSE. - 1. Add JSSE jars to CLASSPATH - 2. Edit java.home/jre/lib/security/java.security - Add: - security.provider.2=com.sun.net.ssl.internal.ssl.Provider - 3. Do: keytool -genkey -alias tomcat -keyalg RSA + Uncomment this for SSL support. You _need_ to set up a + server certificate if you want this to work, and you + need JSSE. See tomcat-ssl-howto.html for more detailed + instructions. + + 1. Make the JSSE jars available to Tomcat, either by making + them an installed extension or by adding them to the + Tomcat CLASSPATH. + 2. Do: keytool -genkey -alias tomcat -keyalg RSA RSA is essential to work with Netscape and IIS. Use "changeit" as password. ( or add keypass attribute ) You don't need to sign the certificate. - - You can set parameter keystore and keypass if you want - to change the default ( user.home/.keystore with changeit ) --> <!-- <RequestInterceptor 1.91 +9 -11 jakarta-tomcat/src/etc/server.xml Index: server.xml =================================================================== RCS file: /home/cvs/jakarta-tomcat/src/etc/server.xml,v retrieving revision 1.90 retrieving revision 1.91 diff -u -r1.90 -r1.91 --- server.xml 2001/09/08 20:08:31 1.90 +++ server.xml 2001/09/30 20:57:23 1.91 
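Review bot: The rewritten comment in prof-server.xml still tells the reader to use "changeit" as the password, but it no longer says where the keystore is read from or that the location can be changed. The closing lines `You can set parameter keystore and keypass if you want to change the default ( user.home/.keystore with changeit )` are removed without a replacement. "changeit" is the widely known default, so a keystore protected only by it gives the server's private key little protection if other accounts can read the file. Keep one line such as `Set the keystore and keypass attributes to use a different keystore file and a non-default password.` The same removal appears in the server.xml hunk, and the header comment in SSLSocketFactory.java also recommends "changeit" without mentioning an override.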
@@ -188,20 +188,18 @@ minSpareThreads="10" /> <!-- - Uncomment this for SSL support. - You _need_ to set up a server certificate if you want this - to work, and you need JSSE. - 1. Add JSSE jars to CLASSPATH - 2. Edit java.home/jre/lib/security/java.security - Add: - security.provider.2=com.sun.net.ssl.internal.ssl.Provider - 3. Do: keytool -genkey -alias tomcat -keyalg RSA + Uncomment this for SSL support. You _need_ to set up a + server certificate if you want this to work, and you + need JSSE. See tomcat-ssl-howto.html for more detailed + instructions. + + 1. Make the JSSE jars available to Tomcat, either by making + them an installed extension or by adding them to the + Tomcat CLASSPATH. + 2. Do: keytool -genkey -alias tomcat -keyalg RSA RSA is essential to work with Netscape and IIS. Use "changeit" as password. ( or add keypass attribute ) You don't need to sign the certificate. - - You can set parameter keystore and keypass if you want - to change the default ( user.home/.keystore with changeit ) --> <!-- <Http10Connector port="8443" secure="true" /> 1.3 +4 -7 jakarta-tomcat/src/share/org/apache/tomcat/util/net/SSLSocketFactory.java Index: SSLSocketFactory.java =================================================================== RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/util/net/SSLSocketFactory.java,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- SSLSocketFactory.java 2000/10/06 05:19:20 1.2 +++ SSLSocketFactory.java 2001/09/30 20:57:23 1.3 
@@ -72,10 +72,10 @@ import javax.net.ssl.HandshakeCompletedEvent; /* - 1. Add Jsse's jars into jre/lib/ext - 2. Edit java.security, add - security.provider.2=com.sun.net.ssl.internal.ssl.Provider - 3. keytool -genkey -alias tomcat -keyalg RSA + 1. Make the JSSE's jars available, either as an installed + extension (copy them into jre/lib/ext) or by adding + them to the Tomcat classpath. + 2. keytool -genkey -alias tomcat -keyalg RSA Use "changeit" as password ( this is the default we use ) */ @@ -146,9 +146,6 @@ */ private void initProxy() throws IOException { try { - /** You should have this in java.security, but - can't hurt to double check - */ Security.addProvider (new sun.security.provider.Sun()); Security.addProvider (new com.sun.net.ssl.internal.ssl.Provider());
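Review bot: The two `Security.addProvider` calls in `initProxy()` are left with no explanation once the comment above them is deleted. With the java.security step removed from the instructions in this commit, they appear to be the only place the JSSE provider gets registered. Rather than deleting the comment, replace it with something like `// Register the providers at runtime so that java.security does not have to be edited.` `Security.addProvider` is subject to a security-manager permission check, so a Tomcat run under a security policy needs a matching grant for these calls; it would help to say so in the comment or the howto. The try block's handlers are outside the hunk, so what happens when the call is refused cannot be seen from here.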