Looking at the code, and the loadStore method, it appears that this method should actually have been a static method, instead of an instance method. It is just a utility method to load either of the key stores - trustStore and keyStore. So, I'm not sure if we want to make it protected. We could make it a public static method in the same class or move the method to another utility class if we have one.
If you create a temporary key/certificate every time the server is started, your clients would see a new certificate and may not work with the server unless they explicitly trust the certificate every time (or the client blindly trusts any certificate). Not sure if this is going to be an issue in your case. The other option could be to create a temporary file that contains the keys, then feed the file to the FTP server, and start the FTP server. Regards, Sai Pullabhotla On Wed, Jan 27, 2010 at 11:26 AM, Cath Gibbons (JIRA) <[email protected]> wrote: > > [ > https://issues.apache.org/jira/browse/FTPSERVER-346?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12805580#action_12805580 > ] > > Cath Gibbons commented on FTPSERVER-346: > ---------------------------------------- > > Hello Niklas, > > And thank you for the prompt response :) > > The embedded FTP server I have implemented is only used temporarily, during a > short session within our application, and because of our packaging, we cannot > create a keystore file that would have to be moved during installation, and > thus rendered useless. > > For our usage, I set the implicit Ssl to false, so the client needs to > explicitly request to use Ssl. > When creating the Ssl configuration, there is no keystore already created. > I went around the fact that loadStore is declared private by having to copy > the createSslConfiguration method in SslConfigurationFactory class. > Is there a particular reason why loadStore cannot be declared protected? > > Thanks again for your awesome work, Niklas! > > Cath > > > > > > > >> loadStore method in SslConfigurationFactory should be protected to allow >> overriding >> ----------------------------------------------------------------------------------- >> >> Key: FTPSERVER-346 >> URL: https://issues.apache.org/jira/browse/FTPSERVER-346 >> Project: FtpServer >> Issue Type: Improvement >> Components: Server >> Affects Versions: 1.0.3 >> Environment: Windows XP >> Reporter: Cath Gibbons >> Priority: Minor >> Original Estimate: 0.03h >> Remaining Estimate: 0.03h >> >> The loadStore method in the SslConfigurationFactory class only deals with >> the case when the Keystore file actually exists at runtime. >> I am using the Apache FTP Server 1.0.3 on Windows XP to run an embedded >> server that does not have an existing Keystore file at runtime. Rather, it >> generates a temporary Keystore file using the Keystore load method with a >> null argument as InputStream. >> Since I could not override just the loadStore method that is declared >> "private", I had to copy the entire createSslConfiguration method in order >> to call my own loadStore. >> Why not make the loadStore protected to allow for it to be overriden? >> Thanks! > > -- > This message is automatically generated by JIRA. > - > You can reply to this email to add a comment to the issue online. > >
