http.xml

remm Tue, 26 Apr 2016 10:03:21 -0700

Author: remm
Date: Tue Apr 26 17:03:04 2016
New Revision: 1741058

URL: http://svn.apache.org/viewvc?rev=1741058&view=rev
Log:
Doc review: if the private key PEM isn't set, it should look into the 
certificate PEM. The PEM parser appears to handle that as well.


Modified:
    tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java
    tomcat/trunk/java/org/apache/tomcat/util/net/jsse/LocalStrings.properties
    tomcat/trunk/webapps/docs/config/http.xml

Modified: tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java?rev=1741058&r1=1741057&r2=1741058&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java Tue Apr 26 
17:03:04 2016
@@ -287,10 +287,9 @@ public class JSSEUtil extends SSLUtilBas
             ks = KeyStore.getInstance("JKS");
             ks.load(null, null);
 
-            if (certificate.getCertificateKeyFile() == null) {
-                throw new 
IllegalStateException(sm.getString("jsse.noPrivateKey"));
-            }
-            PEMFile privateKeyFile = new 
PEMFile(SSLHostConfig.adjustRelativePath(certificate.getCertificateKeyFile()), 
keyPass);
+            PEMFile privateKeyFile = new 
PEMFile(SSLHostConfig.adjustRelativePath
+                    (certificate.getCertificateKeyFile() != null ? 
certificate.getCertificateKeyFile() : certificate.getCertificateFile()),
+                    keyPass);
             PEMFile certificateFile = new 
PEMFile(SSLHostConfig.adjustRelativePath(certificate.getCertificateFile()));
 
             Collection<Certificate> chain = new ArrayList<>();

Modified: 
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/LocalStrings.properties
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/LocalStrings.properties?rev=1741058&r1=1741057&r2=1741058&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/jsse/LocalStrings.properties 
(original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/jsse/LocalStrings.properties 
Tue Apr 26 17:03:04 2016
@@ -25,8 +25,7 @@ jsse.excludeDefaultProtocol=The SSL prot
 jsse.noDefaultCiphers=Unable to determine a default for ciphers for [{0}]. Set 
an explicit value to ensure the connector can start.
 jsse.noDefaultProtocols=Unable to determine a default for sslEnabledProtocols. 
Set an explicit value to ensure the connector can start.
 jsse.exceptionOnClose=Failure to close socket.
-jsse.noPrivateKey=No private key specified for certificate.
-jsse.pemParseError=Unable to parse the private key from [{0}]
+jsse.pemParseError=Unable to parse the key from [{0}]
 
 jsseSupport.clientCertError=Error trying to obtain a certificate from the 
client
 jseeSupport.certTranslationError=Error translating certificate [{0}]

Modified: tomcat/trunk/webapps/docs/config/http.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/http.xml?rev=1741058&r1=1741057&r2=1741058&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/config/http.xml (original)
+++ tomcat/trunk/webapps/docs/config/http.xml Tue Apr 26 17:03:04 2016
@@ -1255,7 +1255,6 @@
   <attributes>
 
     <attribute name="certificateFile" required="true">
-      <p>OpenSSL only.</p>
       <p>Name of the file that contains the server certificate. The format is
       PEM-encoded. Relative paths will be resolved against
       <code>$CATALINA_BASE</code>.</p>
@@ -1267,7 +1266,6 @@
     </attribute>
 
     <attribute name="certificateChainFile" required="false">
-      <p>OpenSSL only.</p>
       <p>Name of the file that contains the certificate chain associated with
       the server certificate used. The format is
       PEM-encoded. Relative paths will be resolved against
@@ -1290,7 +1288,6 @@
     </attribute>
 
     <attribute name="certificateKeyFile" required="false">
-      <p>OpenSSL only.</p>
       <p>Name of the file that contains the server private key. The format is
       PEM-encoded. The default value is the value of
       <strong>certificateFile</strong> and in this case both certificate and



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1741058 - in /tomcat/trunk: java/org/apache/tomcat/util/net/jsse/JSSEUtil.java java/org/apache/tomcat/util/net/jsse/LocalStrings.properties webapps/docs/config/http.xml

Reply via email to