Author: remm Date: Sat Feb 4 07:00:44 2006 New Revision: 374877 URL: http://svn.apache.org/viewcvs?rev=374877&view=rev Log: - Pass along more of the SSL related fields (note: I'm not sure what the skipfirst flag of setCertificateChainFile is actually supposed to do).
Modified: tomcat/connectors/trunk/util/java/org/apache/tomcat/util/net/AprEndpoint.java Modified: tomcat/connectors/trunk/util/java/org/apache/tomcat/util/net/AprEndpoint.java URL: http://svn.apache.org/viewcvs/tomcat/connectors/trunk/util/java/org/apache/tomcat/util/net/AprEndpoint.java?rev=374877&r1=374876&r2=374877&view=diff ============================================================================== --- tomcat/connectors/trunk/util/java/org/apache/tomcat/util/net/AprEndpoint.java (original) +++ tomcat/connectors/trunk/util/java/org/apache/tomcat/util/net/AprEndpoint.java Sat Feb 4 07:00:44 2006 @@ -590,10 +590,12 @@ SSLContext.setCipherSuite(sslContext, SSLCipherSuite); // Load Server key and certificate SSLContext.setCertificate(sslContext, SSLCertificateFile, SSLCertificateKeyFile, SSLPassword, SSL.SSL_AIDX_RSA); + // Set certificate chain file + SSLContext.setCertificateChainFile(sslContext, SSLCertificateChainFile, false); // Support Client Certificates - if (SSLCACertificateFile != null) { - SSLContext.setCACertificate(sslContext, SSLCACertificateFile, null); - } + SSLContext.setCACertificate(sslContext, SSLCACertificateFile, SSLCACertificatePath); + // Set revocation + SSLContext.setCARevocation(sslContext, SSLCARevocationFile, SSLCARevocationPath); // Client certificate verification value = SSL.SSL_CVERIFY_NONE; if ("optional".equalsIgnoreCase(SSLVerifyClient)) { --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]