Re: How to integrate alternative SSLContext?
Hi Mark,
On Thu, Aug 24, 2023 at 7:26 AM Mark Thomas wrote:
> >> You shouldn't need a custom connector. As things stand currently, you
> >> would need a custom SSLImplementation although you should be able to
> >> extend the exising JSSE support for most of that.
> >
> > How can I take the default Connector to use this custom
> SSLImplementation?
>
> https://tomcat.apache.org/tomcat-11.0-doc/config/http.html
>
> Look for sslImplementationName
Thanks for this hint very much!
The below line works for me,
connector.setProperty("sslImplementationName",
AltJSSEImplementation.class.getName());
Best regards,
John Jiang
Re: How to integrate alternative SSLContext?
On 23/08/2023 14:20, John Jiang wrote: Hi Mark, Thanks for your reply! On Thu, Aug 24, 2023 at 12:15 AM Mark Thomas wrote: On 23/08/2023 00:44, John Jiang wrote: Hi, I'm using tomcat-embed-core 9.0.78 + OpenJDK 11.o.19. My project needs a custom javax.net.ssl.SSLContext implementation. Why? What problem are you trying to solve? My project needs alternative cipher suites, EC group and signature scheme. How can I integrate this custom SSLContext to the embedded Tomcat server? I don't find any convenient API for this case. Do I have to provide a new SSLImplementation, and then pass it to a custom Connector? You shouldn't need a custom connector. As things stand currently, you would need a custom SSLImplementation although you should be able to extend the exising JSSE support for most of that. How can I take the default Connector to use this custom SSLImplementation? https://tomcat.apache.org/tomcat-11.0-doc/config/http.html Look for sslImplementationName Mark I didn't find the public APIs or configurations to do that. It looks need to set this new SSLImplementation class name in method Connector::initInternal. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: How to integrate alternative SSLContext?
Hi Mark, Thanks for your reply! On Thu, Aug 24, 2023 at 12:15 AM Mark Thomas wrote: > On 23/08/2023 00:44, John Jiang wrote: > > Hi, > > I'm using tomcat-embed-core 9.0.78 + OpenJDK 11.o.19. > > My project needs a custom javax.net.ssl.SSLContext implementation. > > Why? What problem are you trying to solve? > My project needs alternative cipher suites, EC group and signature scheme. > > How can I integrate this custom SSLContext to the embedded Tomcat > > server? > > I don't find any convenient API for this case. > > Do I have to provide a new SSLImplementation, and then pass it to a > > custom > > Connector? > > You shouldn't need a custom connector. As things stand currently, you > would need a custom SSLImplementation although you should be able to > extend the exising JSSE support for most of that. How can I take the default Connector to use this custom SSLImplementation? I didn't find the public APIs or configurations to do that. It looks need to set this new SSLImplementation class name in method Connector::initInternal. Best regards, John Jiang
Re: How to integrate alternative SSLContext?
On 23/08/2023 00:44, John Jiang wrote: Hi, I'm using tomcat-embed-core 9.0.78 + OpenJDK 11.o.19. My project needs a custom javax.net.ssl.SSLContext implementation. Why? What problem are you trying to solve? How can I integrate this custom SSLContext to the embedded Tomcat server? I don't find any convenient API for this case. Do I have to provide a new SSLImplementation, and then pass it to a custom Connector? You shouldn't need a custom connector. As things stand currently, you would need a custom SSLImplementation although you should be able to extend the exising JSSE support for most of that. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
