https://issues.apache.org/bugzilla/show_bug.cgi?id=43094
--- Comment #4 from Bruno Harbulot <[EMAIL PROTECTED]> 2008-05-12 10:32:02 PST --- (In reply to comment #3) > I have applied a patch to trunk based on your suggestion and proposed it for > 6.0.x. > Thank you. I've just had a look at http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java?revision=653128&view=markup It seems that you've applied a patch along the original report and not the second patch I sent with comment #1. I believe that second patch (being able to set the provider name) could also be useful, even for PKCS#11 applications (one of the ways to configure PKCS#11 is to set up the PKCS#11 options as part of the JVM security provider list, which adds a provider with a new name). More generally, since I opened this issue, I've been making similar suggestions for other projects, in particular Jetty [1] and Restlet [2]. This led me to write a few classes (SSLContext factories) to make the configuration of SSL properties a bit easier, including more advanced options such as Certificate Revocation Lists (I must admit I'm not quite sure how CRLs are to be configured in Tomcat). These classes are available at http://code.google.com/p/jsslutils/. I'm not sure whether this would be useful for Tomcat, but this might be of interest (feel free to get in touch...). [1] http://www.mortbay.org/jetty/ [2] http://www.restlet.org/ -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
