[tomcat] branch main updated: BZ 67667: TLSCertificateReloadListener prints unreadable rendering of X509Certificate#getNotAfter()

Thu, 12 Oct 2023 03:13:58 -0700 

This is an automated email from the ASF dual-hosted git repository.

michaelo pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
     new 69143e32da BZ 67667: TLSCertificateReloadListener prints unreadable 
rendering of X509Certificate#getNotAfter()
69143e32da is described below

commit 69143e32da1b51c9f2c08e280f9133175f5b8dc1
Author: Michael Osipov <micha...@apache.org>
AuthorDate: Thu Oct 12 12:09:02 2023 +0200

    BZ 67667: TLSCertificateReloadListener prints unreadable rendering of 
X509Certificate#getNotAfter()
---
 .../apache/catalina/security/TLSCertificateReloadListener.java    | 4 +++-
 webapps/docs/changelog.xml                                        | 8 ++++++++
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git 
a/java/org/apache/catalina/security/TLSCertificateReloadListener.java 
b/java/org/apache/catalina/security/TLSCertificateReloadListener.java
index 0596732575..3db6e286c3 100644
--- a/java/org/apache/catalina/security/TLSCertificateReloadListener.java
+++ b/java/org/apache/catalina/security/TLSCertificateReloadListener.java
@@ -17,6 +17,7 @@
 package org.apache.catalina.security;
 
 import java.security.cert.X509Certificate;
+import java.text.SimpleDateFormat;
 import java.util.Calendar;
 import java.util.Set;
 
@@ -45,6 +46,7 @@ public class TLSCertificateReloadListener implements 
LifecycleListener {
 
     private static final Log log = 
LogFactory.getLog(TLSCertificateReloadListener.class);
     private static final StringManager sm = 
StringManager.getManager(TLSCertificateReloadListener.class);
+    private final SimpleDateFormat dateFormat = new 
SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ssXXX");
 
     // Configuration
     private int checkPeriod = 24 * 60 * 60;
@@ -160,7 +162,7 @@ public class TLSCertificateReloadListener implements 
LifecycleListener {
                                     
log.warn(sm.getString("tlsCertRenewalListener.notRenewed", connector,
                                             sslHostConfig.getHostName(),
                                             
expiringCertificate.getSubjectX500Principal().getName(),
-                                            
expiringCertificate.getNotAfter()));
+                                            
dateFormat.format(expiringCertificate.getNotAfter())));
                                 }
                             }
                         } catch (IllegalArgumentException iae) {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 09b0227b59..faf938bb4a 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -105,6 +105,14 @@
   issues do not "pop up" wrt. others).
 -->
 <section name="Tomcat 11.0.0-M14 (markt)" rtext="in development">
+  <subsection name="Catalina">
+    <changelog>
+      <fix>
+        <bug>67667</bug>: <code>TLSCertificateReloadListener</code> prints 
unreadable
+        rendering of <code>X509Certificate#getNotAfter()</code>. (michaelo)
+      </fix>
+    </changelog>
+  </subsection>
 </section>
 <section name="Tomcat 11.0.0-M13 (markt)" rtext="release in progress">
   <subsection name="Coyote">


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to