https://bz.apache.org/bugzilla/show_bug.cgi?id=57108
Mark Thomas changed:
What|Removed |Added
Resolution|--- |FIXED
Status|NEW
https://bz.apache.org/bugzilla/show_bug.cgi?id=57108
--- Comment #15 from quartz ---
nio: ok. Sorry.
As for TLS parsing, there can be a whole lot of stuff well beyond 100 bytes in
client hello, namely yet unknown extensions. TLS records proto msg length is up
to 2^14-1 bytes. Not an issue I gues
https://bz.apache.org/bugzilla/show_bug.cgi?id=57108
--- Comment #12 from Mark Thomas ---
Keeping the config at the connector level is probably the way to go. There are
weird and wonderful configuration possibilities like one Connector on one
interface with one set of certs for internal users and
https://bz.apache.org/bugzilla/show_bug.cgi?id=57108
--- Comment #11 from Christopher Schultz ---
(In reply to Unlogic from comment #10)
> Well this is a bit tricky because there is two sides to this coin.
>
> In some cases you have a wildcard certificates or subject alternative name
> certifica
https://bz.apache.org/bugzilla/show_bug.cgi?id=57108
--- Comment #10 from Unlogic ---
Well this is a bit tricky because there is two sides to this coin.
In some cases you have a wildcard certificates or subject alternative name
certificates the cover lots of domains. In those cases the current c
https://bz.apache.org/bugzilla/show_bug.cgi?id=57108
--- Comment #9 from Christopher Schultz ---
I'm starting to re-think the configuration because it's starting to
look a lot like the configuration.
Would it make more sense to put the TLS configuration on the element
instead? This would be m
https://bz.apache.org/bugzilla/show_bug.cgi?id=57108
--- Comment #8 from Christopher Schultz ---
That sounds reasonable to me. Since the configuration for each hostname would
need to be maintained separately, being able to tie several hostnames together
would be beneficial.
On the other hand, if
https://bz.apache.org/bugzilla/show_bug.cgi?id=57108
--- Comment #7 from Unlogic ---
I think that sounds like a very good approach which would be easy to add to
existing server configurations.
Since a single certificate can contain multiple subject alternative names
(http://en.wikipedia.org/wiki
https://bz.apache.org/bugzilla/show_bug.cgi?id=57108
--- Comment #6 from Christopher Schultz ---
Proposed configuration vocabulary, which is backward-compatible with existing
configurations:
The TLS configuration attributes on the will become the default TLS
configuration
https://issues.apache.org/bugzilla/show_bug.cgi?id=57108
--- Comment #5 from Unlogic ---
This will surely be a killer function if it makes to Tomcat 9. As the use of
Windows XP is fading out the demand for SNI support is increasing by the day.
--
You are receiving this mail because:
You are the
https://issues.apache.org/bugzilla/show_bug.cgi?id=57108
Unlogic changed:
What|Removed |Added
CC||unlo...@unlogic.se
--
You are receiving
https://issues.apache.org/bugzilla/show_bug.cgi?id=57108
Mark Thomas changed:
What|Removed |Added
Component|Connectors |Connectors
Version|trunk
https://issues.apache.org/bugzilla/show_bug.cgi?id=57108
Ralf Hauser changed:
What|Removed |Added
CC||hau...@acm.org
--- Comment #3 from R
https://issues.apache.org/bugzilla/show_bug.cgi?id=57108
--- Comment #2 from Christopher Schultz ---
This may be an opportunity to fix the inability to respond to HTTP requests on
HTTPS endpoints.
We get complaints every once in a while that if you "telnet host 443" against
Tomcat, you get a hun
https://issues.apache.org/bugzilla/show_bug.cgi?id=57108
Mark Thomas changed:
What|Removed |Added
Component|Common |Connectors
Version|unspec
https://issues.apache.org/bugzilla/show_bug.cgi?id=57108
Chuck Caldarale changed:
What|Removed |Added
Severity|normal |enhancement
--
You are receivin
https://issues.apache.org/bugzilla/show_bug.cgi?id=57108
quartz changed:
What|Removed |Added
CC||quartz...@yahoo.com
--
You are receiving
17 matches
Mail list logo