This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch 11.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/11.0.x by this push:
new 5052dbfe83 Remove method allowing multiple certificates per contexts
5052dbfe83 is described below
commit 5052dbfe83539d4b2eac7e665a0df79a3324f8d4
Author: remm <[email protected]>
AuthorDate: Wed Sep 17 17:31:59 2025 +0200
Remove method allowing multiple certificates per contexts
This is normally not needed, so I'm removing it.
---
java/org/apache/tomcat/util/net/SSLUtil.java | 2 ++
.../org/apache/tomcat/util/net/openssl/OpenSSLUtil.java | 10 ----------
.../tomcat/util/net/openssl/panama/OpenSSLUtil.java | 17 -----------------
3 files changed, 2 insertions(+), 27 deletions(-)
diff --git a/java/org/apache/tomcat/util/net/SSLUtil.java
b/java/org/apache/tomcat/util/net/SSLUtil.java
index 7a9c32dc4a..f3a334b6e8 100644
--- a/java/org/apache/tomcat/util/net/SSLUtil.java
+++ b/java/org/apache/tomcat/util/net/SSLUtil.java
@@ -96,7 +96,9 @@ public interface SSLUtil {
* @param context the existing context
* @param certificate the second certificate to add
* @return true if supported by the context
+ * @deprecated Unused. This method will be removed in Tomcat 12.
*/
+ @Deprecated
default boolean addSecondCertificate(SSLContext context,
SSLHostConfigCertificate certificate) {
return false;
}
diff --git a/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
b/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
index 5f3ec28eda..dc792281a2 100644
--- a/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
+++ b/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
@@ -131,14 +131,4 @@ public class OpenSSLUtil extends SSLUtilBase {
}
}
- @Override
- public boolean addSecondCertificate(SSLContext context,
SSLHostConfigCertificate certificate) {
- try {
- ((OpenSSLContext) context).addCertificate(certificate);
- return true;
- } catch (Exception e) {
- throw new
IllegalArgumentException(sm.getString("openssl.secondCertificateError"), e);
- }
- }
-
}
diff --git a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLUtil.java
b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLUtil.java
index 955d0aba0d..df278a62dc 100644
--- a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLUtil.java
+++ b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLUtil.java
@@ -17,7 +17,6 @@
package org.apache.tomcat.util.net.openssl.panama;
import java.io.IOException;
-import java.lang.foreign.Arena;
import java.security.KeyException;
import java.security.KeyStoreException;
import java.util.List;
@@ -108,20 +107,4 @@ public class OpenSSLUtil extends SSLUtilBase {
}
- @Override
- public boolean addSecondCertificate(SSLContext context,
SSLHostConfigCertificate certificate) {
- try (var localArena = Arena.ofConfined()) {
- try {
- if (((OpenSSLContext) context).addCertificate(certificate,
localArena)) {
- return true;
- } else {
- log.warn(sm.getString("openssl.secondCertificateError"));
- return false;
- }
- } catch (Exception e) {
- throw new
IllegalArgumentException(sm.getString("openssl.secondCertificateError"), e);
- }
- }
- }
-
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
