https://bz.apache.org/bugzilla/show_bug.cgi?id=62032
--- Comment #2 from Coty Sutherland <csuth...@apache.org> --- (In reply to Remy Maucherat from comment #1) > Should we catch this sort of configuration as an error even in cases where > it would kind of work ? Like if there are SSL config bits on the Connector > element *and* one or more SSLHostConfig elements, then fail the connector ? If I understand you correctly, that does happen now in cases that they're both named _default_. I think the problem is that we're defaulting to an empty PEM file with the auto-generated default SSLHostConfig instead of throwing an error. The logic in JSSEUtil is interesting, we're checking for a keystore and if it's null we default to a PEMFile without verifying it exists. Is there some reason for doing that instead of throwing an exception? I don't think an SSL Connector with no keystore or key/cert pair is usable :) -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
