-
1. Re: Encrypt KeyStore-Password in a Tomcat-Connetctor for 4.2
yashendrac May 28, 2009 3:56 PM (in response to isc-hoa)Hi Andre,
Any luck finding the solution of this problem I was also running into same problem only difference is that I tried this same configuration with JBoss 5.0.1. -
2. Re: Encrypt KeyStore-Password in a Tomcat-Connetctor for 4.2
isc-hoa May 29, 2009 1:18 AM (in response to isc-hoa)Hi yashendrac
I was not able to find a solution. I spent quite a lot of time on this topic, but without any luck... -
3. Re: Encrypt KeyStore-Password in a Tomcat-Connetctor for 4.2
yashendrac Jun 1, 2009 9:59 AM (in response to isc-hoa)Andre,
I confirmed that it is broken in JBoss5.0.1, I am not sure since when it is broken but it was working on JBoss4.2.1. I also confirmed that it is fixed in JBoss5.1.0
I checked the source code for following classes under jbosswe.jar and jbossweb-service.jar
1.org.jboss.net.ssl.JBossImplementation.java
2.org.jboss.net.ssl.JBossSocketFactory.java
3.org.apache.tomcat.util.net.jsse.JSSESocketFactory
JBossSocketFactory overrides following methods from tomcat's
JSSESocketFactoryprotected TrustManager[] getTrustManagers(String keystoreType, String algorithm) protected KeyManager[] getKeyManagers(String keystoreType, String algorithm, String keyAlias)
But in tomcat JSSESocketFactory under JBoss5.0.1, method signatures are changed by adding additional String parameter String keystoreProvider.
So methods are changed to following in tomcat JSSESocketFactoryprotected TrustManager[] getTrustManagers(String keystoreType, String keystoreProvider, String algorithm) protected KeyManager[] getKeyManagers(String keystoreType, String keystoreProvider, String algorithm, String keyAlias)
So JBossSocketFactory was not overriding these methods anymore and despite providing SSLImplementation="org.jboss.net.ssl.JBossImplementation" these two methods from JSSESocketFactory were invoked in place of JBossSocketFactory.
This is fixed in JBoss5.1.0