[ 
https://issues.apache.org/jira/browse/FTPSERVER-93?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12522056
 ] 

Niklas Gustavsson commented on FTPSERVER-93:
--------------------------------------------

That's pretty much exactly what I did, except that the custom KeyManager wraps 
another X509KeyManager, rather then directly handling the key store. It works 
in all test cases except one, the one where we enable a specific cipher spec 
and use the MINA listener implementation. If this is a fault in FtpServer, MINA 
or the JRE I'm still unsure of. 

I've attached a patch for the change I've done. Please try to apply it and run 
the SSL tests, it should show the test failure I'm seeing.

> Support for alias when configuring SSL
> --------------------------------------
>
>                 Key: FTPSERVER-93
>                 URL: https://issues.apache.org/jira/browse/FTPSERVER-93
>             Project: FtpServer
>          Issue Type: Wish
>          Components: Core
>    Affects Versions: 1.0-M1
>            Reporter: Steve Jones
>            Assignee: Niklas Gustavsson
>             Fix For: 1.0-M2
>
>         Attachments: keyalias.patch
>
>
> Configuration for the the SSL listeners should support an "alias".
> This would allow a particular key to be selected from a keystore.
> For reference, here's the tomcat class that does this:
>   org.apache.tomcat.util.net.jsse.JSSEKeyManager.java
> The only tricky part that I am aware of is that for JKS keystores the alias 
> should be converted to all lower case.
> Also for reference, this is the extended X509 key manager that uses aliases:
>   
> http://java.sun.com/j2se/1.5.0/docs/api/javax/net/ssl/X509ExtendedKeyManager.html

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to