The NioX509KeyManager was added in so that you could force an alias to
be used. Meaning, you have a keystore, and you want to use the attribute
keyAlias="tomcat"
in your connector, in 6.0.18, the NIO connector ignores it, and the JVM
picks any key in your keystore, and this is not always what you want.
You can open a bug in bugzilla, attach your configurations there and I
can see why its not working for you.
Filip
On 03/31/2010 05:47 PM, Christopher Lee wrote:
Tomcat version 6.0.26:
There was a method introduced: NIOEndpoint#wrap (post 6.0.18) called from
NIOEndpoint#init which wraps KeyManagers with NioX509KeyManager.
I am not sure why (I could not get the JSSE source to fully debug) but when
I run embedded Tomcat with SSL enabled and my own keystores
I get the following exception: "javax.net.ssl.
SSLHandshakeException: no cipher suites in common". Removing this wrapping
will result in
a working instance. This method is not present in 6.0.18. Please let me
know if there is something I can do as a work around or if
this actually causes a real bug.
I wasn't sure where to post this. Please advise if you think I should post
this elsewhere.
Thanks,
Chris.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
