-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Estani,
On 8/12/2010 3:47 AM, Estanislao Gonzalez wrote:
> If I set both trustoreFile and javax.net.ssl.trustStore which one is
> being honored? The documentation is not clear to me:
> "The trust store file to use to validate client certificates. The
> default is the value of the |javax.net.ssl.trustStore| system property.
> If neither this attribute nor the default system property is set, no
> trust store will be configured."
>
> "The default" as in "if nothing else is found" or "if set"?
I think this might be a language problem. I believe the code would look
something like this, which might be easier to understand:
String trustStoreFile = connector.getTrustStoreFile();
if(null == trustStoreFile)
trustStoreFile = System.getProperty("javax.net.ssl.trustStore");
if(null != trustStoreFile)
{
// Use the trustStoreFile
}
else
{
// No trustStoreFile
}
> I have a truststoreFile set (which is read), but the validation is made
> against java own jssecacerts or cacerts files, the one from the
> truststoreFile is only used if explicitly mentioned in
> javax.net.ssl.trustStore, no matter what.
Please post your configuration, and a "keystore -list" for the
truststore you are trying to use.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAkxkOu8ACgkQ9CaO5/Lv0PBMSQCdGk4NYk2tVD8S28DDT4T6RLXe
ChoAmQHy9ZDi5gA9CBAX3ng5r/+D2RU1
=N1Y0
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
