[ 
https://issues.apache.org/jira/browse/FTPSERVER-93?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12521873
 ] 

Steve Jones commented on FTPSERVER-93:
--------------------------------------

It should just be a case of passing in your X509KeyManager implementation to 
the SSL context when initializing.

e.g. in DefaultSsl.java

        X509KeyManager myaliasingKeyManager = new 
FtpServerX509KeyManager(keystore, "myalias");

        // create SSLContext
        ctx = SSLContext.getInstance(protocol);
        ctx.init(new KeyManager[]{mykeymanager},
                 trustManagerFactory.getTrustManagers(),
                 null);

Where FtpServerX509KeyManager is your Tomcat based class that understands use 
of an alias when accessing a keystore.

> Support for alias when configuring SSL
> --------------------------------------
>
>                 Key: FTPSERVER-93
>                 URL: https://issues.apache.org/jira/browse/FTPSERVER-93
>             Project: FtpServer
>          Issue Type: Wish
>          Components: Core
>    Affects Versions: 1.0-M1
>            Reporter: Steve Jones
>            Assignee: Niklas Gustavsson
>             Fix For: 1.0-M2
>
>
> Configuration for the the SSL listeners should support an "alias".
> This would allow a particular key to be selected from a keystore.
> For reference, here's the tomcat class that does this:
>   org.apache.tomcat.util.net.jsse.JSSEKeyManager.java
> The only tricky part that I am aware of is that for JKS keystores the alias 
> should be converted to all lower case.
> Also for reference, this is the extended X509 key manager that uses aliases:
>   
> http://java.sun.com/j2se/1.5.0/docs/api/javax/net/ssl/X509ExtendedKeyManager.html

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to