Author: markt
Date: Fri Jun 19 14:29:03 2015
New Revision: 1686424
URL: http://svn.apache.org/r1686424
Log:
Remove support for certificateChainFile. httpd has deprecated it and it doesn't
play nicely with multiple certificate types.
Modified:
tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java
tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java
tomcat/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
tomcat/trunk/webapps/docs/config/http.xml
Modified: tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java?rev=1686424&r1=1686423&r2=1686424&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java
(original)
+++ tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java Fri
Jun 19 14:29:03 2015
@@ -574,12 +574,6 @@ public abstract class AbstractHttp11Prot
}
- public void setSSLCertificateChainFile(String certificateChainFile) {
- registerDefaultSSLHostConfig();
- defaultSSLHostConfig.setCertificateChainFile(certificateChainFile);
- }
-
-
public void setSSLCACertificatePath(String caCertificatePath) {
registerDefaultSSLHostConfig();
defaultSSLHostConfig.setCaCertificatePath(caCertificatePath);
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java?rev=1686424&r1=1686423&r2=1686424&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java Fri Jun 19
14:29:03 2015
@@ -500,10 +500,6 @@ public class AprEndpoint extends Abstrac
SSLHostConfig.adjustRelativePath(sslHostConfig.getCertificateFile()),
SSLHostConfig.adjustRelativePath(sslHostConfig.getCertificateKeyFile()),
sslHostConfig.getCertificateKeyPassword(),
SSL.SSL_AIDX_RSA);
- // Set certificate chain file
- SSLContext.setCertificateChainFile(ctx,
-
SSLHostConfig.adjustRelativePath(sslHostConfig.getCertificateChainFile()),
- false);
// Support Client Certificates
SSLContext.setCACertificate(ctx,
SSLHostConfig.adjustRelativePath(sslHostConfig.getCaCertificateFile()),
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java?rev=1686424&r1=1686423&r2=1686424&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java Fri Jun 19
14:29:03 2015
@@ -88,7 +88,6 @@ public class SSLHostConfig {
private String truststoreProvider =
System.getProperty("javax.net.ssl.trustStoreProvider");
private String truststoreType =
System.getProperty("javax.net.ssl.trustStoreType");
// OpenSSL
- private String certificateChainFile;
private String certificateFile;
private String certificateKeyFile;
private String certificateRevocationListPath;
@@ -476,17 +475,6 @@ public class SSLHostConfig {
// ------------------------------- OpenSSL specific configuration
properties
- public void setCertificateChainFile(String certificateChainFile) {
- setProperty("certificateChainFile", Type.OPENSSL);
- this.certificateChainFile = certificateChainFile;
- }
-
-
- public String getCertificateChainFile() {
- return certificateChainFile;
- }
-
-
public void setCertificateFile(String certificateFile) {
setProperty("certificateFile", Type.OPENSSL);
this.certificateFile = certificateFile;
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java?rev=1686424&r1=1686423&r2=1686424&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
(original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
Fri Jun 19 14:29:03 2015
@@ -306,10 +306,6 @@ public class OpenSSLContext implements o
SSLHostConfig.adjustRelativePath(sslHostConfig.getCertificateFile()),
SSLHostConfig.adjustRelativePath(sslHostConfig.getCertificateKeyFile()),
sslHostConfig.getCertificateKeyPassword(),
SSL.SSL_AIDX_RSA);
- // Set certificate chain file
- SSLContext.setCertificateChainFile(ctx,
-
SSLHostConfig.adjustRelativePath(sslHostConfig.getCertificateChainFile()),
- false);
// Support Client Certificates
SSLContext.setCACertificate(ctx,
SSLHostConfig.adjustRelativePath(sslHostConfig.getCaCertificateFile()),
Modified: tomcat/trunk/webapps/docs/config/http.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/http.xml?rev=1686424&r1=1686423&r2=1686424&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/config/http.xml (original)
+++ tomcat/trunk/webapps/docs/config/http.xml Fri Jun 19 14:29:03 2015
@@ -1018,13 +1018,6 @@
<attributes>
- <attribute name="certificateChainFile" required="false">
- <p>OpenSSL only.</p>
- <p>Name of the file that contains concatenated certifcates for the
- certificate authorities which form the certifcate chain for the server
- certificate. The format is PEM-encoded.</p>
- </attribute>
-
<attribute name="certificateFile" required="true">
<p>OpenSSL only.</p>
<p>Name of the file that contains the server certificate. The format is
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
