2015-06-22 9:06 GMT+03:00 jean-frederic clere <jfcl...@gmail.com>: > On 06/19/2015 10:01 PM, Mark Thomas wrote: >> >> I'm looking at integrating multiple certificate support with APR/native >> and the new OpenSSLContext. >> >> I have a query about the following method that I hope those that have >> been working in this area recently will be able to answer. >> >> SSLContext.setCertificate(long ctx, String cert, String key, >> String password, int idx) >> >> The idx can either be 0 (RSA) or 1 (DSS). > > > It is tested between 0 and <4. > >> >> I know the tc-native enforces that idx is 0 or 1. Does it require that >> idx is 0 for RSA keys and 1 for DSS keys? > > > According the include: > +++ > #define SSL_AIDX_RSA (0) > #define SSL_AIDX_DSA (1) > #define SSL_AIDX_ECC (3) > #define SSL_AIDX_MAX (4) > +++
As those look like indexes into an array, I wonder why "2" was skipped. Those defines were introduced in r1681509 Note that they were backported to native 1.1.x in r1681515 >> >> How does one specify an ECC key? > > > Using 3 I guess but I don't see a different handling for the different type > of key/cert... Basically it looks like the latest call tells which key/cert > will be used. > Best regards, Konstantin Kolinko --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
