https://issues.apache.org/bugzilla/show_bug.cgi?id=50887
--- Comment #2 from Mark Thomas <ma...@apache.org> 2011-03-12 04:57:53 EST --- I've had a chance to look at this further. With regard to the three points I raised previously: > - Security providers are normally configured at the JVM level I can see why you don't like this and your reasoning is consistent with the design of the Tomcat SSL connector implementation. It is meant to be possible to configure each connector independently of any JVM configuration. > - Patches that change one of 5 connectors usually mean the other >connectors need changing too All of the connectors use CertifcateFactory. HTTP BIO & NIO use it via JSSESupport so all five connectors will need changes. > - There are other places where CertificateFactory is used that may >conflict with this patch. My point is that it isn't just the connectors that create client certificates from SSL data. The SSL Valve also does this and will also need a configuration option for this. I'll work on a patch for 7.0.x which will then be back-ported to 6.0.x. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
