https://bz.apache.org/bugzilla/show_bug.cgi?id=64141
Remy Maucherat <r...@apache.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW --- Comment #2 from Remy Maucherat <r...@apache.org> --- The configuration looks ok to me in theory as APR will use caCertificateFile. However, if you look at SSLHostConfig, you can notice that: private String truststoreFile = System.getProperty("javax.net.ssl.trustStore"); So the system property sets truststoreFile, which is then used to get the trust managers (and caCertificateFile is then not used at all). IMO: bad luck, this may be a WONTFIX. The workaround mentioned by Chris by creating a keystore is correct, since setting truststoreFile will override the value from the system property. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org