Hello Alex, I usually remove the password on the p12 file via openssl. Protecting with password and writing the password in clear text somewhere doesn't improve security much I think. Dunno if this is a possible way to go for you. Greetings, Thomas ________________________________ Von: a.grub...@bluewin.ch <a.grub...@bluewin.ch> Gesendet: Dienstag, 17. Januar 2023 21:01:00 An: 'Tomcat Users List' Betreff: AW: Password in Tomcat 9.x
Hoi Thomas Received also from Mark an email where he requested an example of the web.xml. Will provide you this tomorrow. Below is what I wrote him. Regards Alex # # # Hi Mark I will provide a config example tomorrow. Let you know the details. I have them on the other machine. In general it is like that - we have a webserver certificate (p12), which we use to have the https protocol. The certificate comes together with a p12.pwd file and this password of the certificate is stored in the web.xml. I want now to remove this password by configuring just the path to this file. In case someone renew the certificate, the restart of tomcat can be done anytime as always the correct password is used. Regards Alexander # # # -----Ursprüngliche Nachricht----- Von: Thomas Hoffmann (Speed4Trade GmbH) <thomas.hoffm...@speed4trade.com.INVALID> Gesendet: Dienstag, 17. Januar 2023 19:19 An: Tomcat Users List <users@tomcat.apache.org> Betreff: AW: Password in Tomcat 9.x Hello Alex, I am not sure what your goal is. Webserver certificate (with private key) is used for encryption / ssl / tls. Password is used for user authentication and in web.xml you only specify the auth method, not any passwords. Or do you plan auth with client certificates? Greetings, Thomas ________________________________ Von: a.grub...@bluewin.ch <a.grub...@bluewin.ch> Gesendet: Dienstag, 17. Januar 2023 18:34:15 An: users@tomcat.apache.org Betreff: Password in Tomcat 9.x Hello together I would like to understand, when implementing passwords into web.xml, then I would like NOT to implement a password, I want to include the path to a certificate (p12.pwd). I want to basically avoid, changing all the time the password, when I renew my webserver certificate in the configuration. Which version of Tomcat 9.x is able to do this? Will it be for seen, that 9.x can do this? If no 9.x can do, which other Tomcat can do this? Thank you Alexander Grubner --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
