Currently key stores are configured in following files.. 1. carbon.xml 2. axis2.xml 3. catalina-server.xml 4. identity.xml
Key store configurations are duplicated across all these files.. so we need to bring all to a single file and refer that from different places... Thanks & regards, -Prabath On Mon, Jun 24, 2013 at 1:31 PM, Prabath Siriwardena <[email protected]>wrote: > +1 > > Also we need to avoid keystores been configured in different places. Like > datasources - we need to have key stores configured in a single place and > reference those from other places.. > > Thanks & regards, > -Prabath > > On Sat, Jun 22, 2013 at 3:05 PM, Amila Suriarachchi <[email protected]>wrote: > >> hi, >> >> After reading some tomcat codes I found we can set the keystore password >> by overriding the setkeystorepass method in Http1NioProtocol class. >> >> package org.wso2.carbon.tomcat.ext.transport; >> >> import org.apache.coyote.http11.Http11NioProtocol; >> >> public class CarbonHttp1NioProtocol extends Http11NioProtocol { >> >> @Override >> public void setKeystorePass(String s) { >> System.out.println("setting the key store pass "); >> super.setKeystorePass("wso2carbon"); >> } >> } >> >> Now we can set our class at the tomcat connector level. >> >> <Connector >> protocol="org.wso2.carbon.tomcat.ext.transport.CarbonHttp1NioProtocol" >> port="9443" >> bindOnInit="false" >> sslProtocol="TLS" >> maxHttpHeaderSize="8192" >> acceptorThreadCount="2" >> maxThreads="250" >> minSpareThreads="50" >> disableUploadTimeout="false" >> enableLookups="false" >> connectionUploadTimeout="120000" >> maxKeepAliveRequests="200" >> acceptCount="200" >> server="WSO2 Carbon Server" >> clientAuth="false" >> compression="on" >> scheme="https" >> secure="true" >> SSLEnabled="true" >> compressionMinSize="2048" >> noCompressionUserAgents="gozilla, traviata" >> >> compressableMimeType="text/html,text/javascript,application/x-javascript,application/javascript,application/xml,text/css,application/xslt+xml,text/xsl,image/gif,image/jpg,image/jpeg" >> >> keystoreFile="${carbon.home}/repository/resources/security/wso2carbon.jks" >> keystorePass="carbon1" >> URIEncoding="UTF-8"/> >> >> so what we can do is to read the pass word from the carbon.xml key stores >> which is secured at that method and set the correct password instead of >> letting users to declare it. Even we can override the keystore location. so >> we can remove both those parameters from there and read only from >> carbon.xml file. >> >> WDYT? >> >> thanks, >> Amila. >> >> >> -- >> *Amila Suriarachchi* >> >> Software Architect >> WSO2 Inc. ; http://wso2.com >> lean . enterprise . middleware >> >> phone : +94 71 3082805 >> >> _______________________________________________ >> Architecture mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >> > > > -- > Thanks & Regards, > Prabath > > Mobile : +94 71 809 6732 > > http://blog.facilelogin.com > http://RampartFAQ.com > -- Thanks & Regards, Prabath Mobile : +94 71 809 6732 http://blog.facilelogin.com http://RampartFAQ.com
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
