(tomcat) branch 9.0.x updated: Better documentation for SSLHostConfig.truststoreProvider default

Wed, 29 Jan 2025 02:00:13 -0800 

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
     new b873b459e7 Better documentation for SSLHostConfig.truststoreProvider 
default
b873b459e7 is described below

commit b873b459e7080a85a2d47dea085d4ac5892ba44a
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Wed Jan 29 09:57:10 2025 +0000

    Better documentation for SSLHostConfig.truststoreProvider default
---
 webapps/docs/changelog.xml   | 5 +++++
 webapps/docs/config/http.xml | 9 +++++----
 2 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 84fbc23e01..64474429b5 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -239,6 +239,11 @@
         <code>mapperDirectoryRedirectEnabled</code> to <code>true</code>.
         (markt)
       </add>
+      <fix>
+        Documentation. Better document the default for the
+        <code>truststoreProvider</code> attribute of a
+        <code>SSLHostConfig</code> element. (markt)
+      </fix>
     </changelog>
   </subsection>
   <subsection name="Other">
diff --git a/webapps/docs/config/http.xml b/webapps/docs/config/http.xml
index e4a3cb1fc0..6222b2af32 100644
--- a/webapps/docs/config/http.xml
+++ b/webapps/docs/config/http.xml
@@ -1589,10 +1589,11 @@
       <p>The name of the truststore provider to be used for the server
       certificate. The default is the value of the
       <code>javax.net.ssl.trustStoreProvider</code> system property. If
-      that property is null, the value of <code>keystoreProvider</code> is used
-      as the default. If neither this attribute, the default system property 
nor
-      <code>keystoreProvider</code> is set, the list of registered providers is
-      traversed in preference order and the first provider that supports the
+      that property is null and a single certificate has been configured for
+      this TLS virtual host then default will be the the value of
+      <code>keystoreProvider</code> of the single certificate. If none of these
+      identify a default, the list of registered providers is traversed in
+      preference order and the first provider that supports the
       <code>truststoreType</code> is used.
       </p>
     </attribute>


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to