https://bz.apache.org/bugzilla/show_bug.cgi?id=64826
Bug ID: 64826
Summary: libtcnative prompts for private key password in some
situations
Product: Tomcat Native
Version: 1.2.23
Hardware: All
OS: All
Status: NEW
Severity: major
Priority: P2
Component: Library
Assignee: dev@tomcat.apache.org
Reporter: micha...@apache.org
Target Milestone: ---
Based the discussion here:
https://www.mail-archive.com/users@tomcat.apache.org/msg136430.html
libtcnative might prompt for a password if the given password is wrong or not
supplied. This happens only when the private key is encrypted.
This has several issues:
* It is not guaranteed that stdin is attached to a TTY
* No information about the certificate is given. If I have more than one which
is it?
* Even though Javadocs of libtcnative document it, connector documentation
never mentions this.
mod_ssl has the SSLPassPhraseDialog where the admin can strictly control how
this has to be done. From an admin's POV, I would rather expect an exception in
the logs rather than blocking the entire process.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
