Hi, Is it true that, if Purtls is there then tomcat will not use JSSE while doing SSL handshaking? I mean, to select the SSL implementation Tomcat gives priority to Puretls then JSSE?
Regards, Jahid On Dec 7, 2007 8:39 PM, Bill Barker <[EMAIL PROTECTED]> wrote: > > > > -----Original Message----- > > From: Filip Hanik - Dev Lists [mailto:[EMAIL PROTECTED] > > Sent: Friday, December 07, 2007 10:46 AM > > To: Tomcat Developers List > > Subject: Re: Tomcat SSL handshaking > > > > really only one way of doing it. > > In the BIO connector > > protocol="org.apache.coytote.http11.Http11Protocol", the handshake > > happens inside the blocking streams (at the JSSE layer), so I don't > > think you can control it here. > > Actually, you can specify your own SSLImplementation class here, and do > anything you like with the SSL protocol. JSSE is just what you get when it > can't find anything else. > > > > In the APR connector > > protocol="org.apache.coytote.http11.Http11AprProtocol", the handshake > > happens inside the openssl layer, so you can't do it there > > > > In the NIO connector > > protocol="org.apache.coytote.http11.Http11NioProtocol", the handshake > > happens inside the SSLEngine, but you could swap that out, > > since this is > > the only connector that actually gets hold of the bytes that get sent > > over the network. The code for this would be > > org/apache/tomcat/util/net/SecureNioChannel.java, look at the > > handshake > > method > > > > http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apa > > che/tomcat/util/net/SecureNioChannel.java?view=markup > > > > Filip > > > > Md. Jahid Shohel wrote: > > > Hi, > > > > > > I am really sorry to mailing here for such a question. I am mailing > > > here because I didn't get any help from other places. My question is > > > --- > > > > > > > > > How I can take the control of SSL handshaking from tomcat, so that I > > > can do the handshaking process by myself. > > > > > > Regards. > > > > > > > > > Jahid > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > This message is intended only for the use of the person(s) listed above as > the intended recipient(s), and may contain information that is PRIVILEGED and > CONFIDENTIAL. If you are not an intended recipient, you may not read, copy, > or distribute this message or any attachment. If you received this > communication in error, please notify us immediately by e-mail and then > delete all copies of this message and any attachments. > > In addition you should be aware that ordinary (unencrypted) e-mail sent > through the Internet is not secure. Do not send confidential or sensitive > information, such as social security numbers, account numbers, personal > identification numbers and passwords, to us via ordinary (unencrypted) e-mail. > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
