On 28/01/2020 17:07, Christopher Schultz wrote: > All, > > The subject says it all. > > Java 9 is changing the default keystore type from JKS to PKCS12 and > deprecating the use of JKS. > > Do we know what version of Java Tomcat 10 will require?
Java 8. > I suspect it > will be Java 9, so it will match. Oh well... > In any case, PKCS12 is a better format overall and it's very early in > the Tomcat 10 lifecycle, so I think it's the right time to make this mov > e. My primary concern is backwards compatibility but users using JKS are going to have to make the change at some point so it is really a question of when. And Tomcat 10 does seem like as good a time as any. > It looks like there is no default type for the trust store type > (unless javax.net.ssl.trustStoreType has a default value), so I would > propose that we also set that default type to PKCS12. No objections here. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
