svn commit: r1800850 - in /tomcat/trunk/webapps/docs: changelog.xml config/http.xml

Wed, 05 Jul 2017 01:53:39 -0700 

Author: markt
Date: Wed Jul  5 08:52:54 2017
New Revision: 1800850

URL: http://svn.apache.org/viewvc?rev=1800850&view=rev
Log:
Clarify the documentation for certificateKeyPassword with information on the 
lack of support for multiple keys in a single key store, each with a separate 
password.

Modified:
    tomcat/trunk/webapps/docs/changelog.xml
    tomcat/trunk/webapps/docs/config/http.xml

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1800850&r1=1800849&r2=1800850&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Wed Jul  5 08:52:54 2017
@@ -65,6 +65,15 @@
       </add>
     </changelog>
   </subsection>
+  <subsection name="Web applications">
+    <changelog>
+      <add>
+        Clarify the documentation for <code>certificateKeyPassword</code> with
+        information on the lack of support for multiple keys in a single key
+        store, each with a separate password. (markt)
+      </add>
+    </changelog>
+  </subsection>
   <subsection name="Other">
     <changelog>
       <add>

Modified: tomcat/trunk/webapps/docs/config/http.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/http.xml?rev=1800850&r1=1800849&r2=1800850&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/config/http.xml (original)
+++ tomcat/trunk/webapps/docs/config/http.xml Wed Jul  5 08:52:54 2017
@@ -1402,6 +1402,11 @@
       <p>If not specified, the default behaviour for JSSE is to use the
       <strong>certificateKeystorePassword</strong>. For OpenSSL the default
       behaviour is not to use a password.</p>
+      <p><strong>Note:</strong> While Java key stores may be configured with
+      different passwords for each key, the JRE's default provider can only use
+      the keystore if all keys have the same password. If you need to use
+      multiple keys each with a different password you must use a separate
+      keystore for each.</p>
     </attribute>
 
     <attribute name="certificateKeystoreFile" required="false">



---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to