"Jihwan Kim" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] >Hi, >I have this in my server.xml > <Connector port="443" > maxThreads="150" minSpareThreads="25" maxSpareThreads="75" > enableLookups="false" disableUploadTimeout="true" > acceptCount="100" debug="0" scheme="https" secure="true" > clientAuth="true" sslProtocol="TLS" > keystoreFile="c:/j2sdk1.4.2_09/jre/lib/security/cacerts" >keystorePass="XXXX" /> > >cacerts is a self signed certificate. > >Whewn the certificate is expired, I would like to detect it and send a >proper message to a client side user.

This happens deep within JSSE, before normally any of your or Tomcat's code gets a chance to do anything.

>So, 1. how can I detect the expired cert from a Java application client.

Unless you configure your own TrustManager, the client will throw an exception when you try to connect.

> 2. Can I detect the expired cert during the Tomcat startup?

Strangely, JSSE doesn't do this. Of course, there is nothing stopping your app from reading the cert from the KeyStore and checking yourself ;-).

>
>Thank you.
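
One way to do the KeyStore check suggested in the reply, as an added example that is not part of the original thread or of Tomcat: it loads a keystore, classifies each X.509 entry by its validity period, and exits non-zero if any entry is expired or not yet valid. The class name, the `KEYSTORE_PASS` environment variable and the 30-day warning window are assumptions, and `KeyStore.getInstance(File, char[])` requires Java 9 or later.

```java
import java.io.File;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.time.Duration;
import java.time.Instant;
import java.util.Collections;

// Added example: startup-time check of certificate validity in a keystore.
public class KeystoreExpiryCheck {

    // Hypothetical warning window; tune it to your renewal process.
    static final Duration WARN_WINDOW = Duration.ofDays(30);

    // Classifies a certificate's validity period relative to 'now'.
    static String classify(X509Certificate cert, Instant now) {
        Instant notBefore = cert.getNotBefore().toInstant();
        Instant notAfter = cert.getNotAfter().toInstant();
        if (now.isBefore(notBefore)) return "NOT_YET_VALID";
        if (now.isAfter(notAfter)) return "EXPIRED";
        if (now.plus(WARN_WINDOW).isAfter(notAfter)) return "EXPIRING_SOON";
        return "OK";
    }

    public static void main(String[] args) throws Exception {
        // Password comes from the environment (assumed variable name) so it
        // does not show up in the process list or shell history.
        String pass = System.getenv("KEYSTORE_PASS");
        if (args.length != 1 || pass == null) {
            System.err.println("usage: KEYSTORE_PASS=... KeystoreExpiryCheck <keystore>");
            System.exit(2);
        }
        // Detects the keystore format (JKS or PKCS12) from the file itself.
        KeyStore ks = KeyStore.getInstance(new File(args[0]), pass.toCharArray());
        Instant now = Instant.now();
        boolean bad = false;
        for (String alias : Collections.list(ks.aliases())) {
            // For key entries this is the first certificate in the chain.
            Certificate c = ks.getCertificate(alias);
            if (!(c instanceof X509Certificate)) continue;
            X509Certificate x = (X509Certificate) c;
            String status = classify(x, now);
            System.out.printf("%-14s %s (notAfter=%s)%n",
                    status, alias, x.getNotAfter().toInstant());
            if (status.equals("EXPIRED") || status.equals("NOT_YET_VALID")) bad = true;
        }
        // Non-zero exit lets a startup script or monitor refuse to proceed.
        System.exit(bad ? 1 : 0);
    }
}
```

Running it from the script that starts Tomcat, or on a schedule, reports an expired entry before any client hits the handshake failure described above.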