[Bug 62146] Support to add customized KeyManager like "trustManagerClassName" did.
https://bz.apache.org/bugzilla/show_bug.cgi?id=62146 Mark Thomas changed: What|Removed |Added Resolution|--- |WONTFIX Status|NEW |RESOLVED --- Comment #7 from Mark Thomas --- The patch looks OK. I don't see any reason why it wouldn't be safe to use in production. One minor comment is that it refers to local String "jsse.invalidKeyManagerClassName" that doesn't exist. Back-porting the reloading from 8.5.x isn't an option as it depends on some major factoring that took place in 8.5.x. I don't think we should add this feature to 7.0.x. Adding the feature to 7.0.x would create the expectation that the feature would also exist in 8.5.x onwards and there is - currently - no use case for this feature in 8.5.x onwards. I am therefore resolving this as WONTFIX. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 62146] Support to add customized KeyManager like "trustManagerClassName" did.
https://bz.apache.org/bugzilla/show_bug.cgi?id=62146 --- Comment #6 from Wang, Simon <18616998...@163.com> --- And is it possible to port reloadHostConfigs logic to 7.x? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 62146] Support to add customized KeyManager like "trustManagerClassName" did.
https://bz.apache.org/bugzilla/show_bug.cgi?id=62146 --- Comment #5 from Wang, Simon <18616998...@163.com> --- I'll check that code in 8.5.x. could you give a hand to review current PR too? Any potential risks? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 62146] Support to add customized KeyManager like "trustManagerClassName" did.
https://bz.apache.org/bugzilla/show_bug.cgi?id=62146 --- Comment #4 from Mark Thomas--- TLS config reloading implementation in AbstractEndpoint. See reloadSslHostConfigs() etc. Exposed via JMX and the Manager app. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 62146] Support to add customized KeyManager like "trustManagerClassName" did.
https://bz.apache.org/bugzilla/show_bug.cgi?id=62146 --- Comment #3 from Wang, Simon <18616998...@163.com> --- Thanks for your comments. could you give more details about Tomcat-8.5 reloading TLS config? Another concern is: that's big impact for us to upgrade Tomcat7 to Tomcat-8.5. Could you give a hand to review my PR to see whether there are potential risk for this patch. We could use this patch for ourselves first, then later upgrade to Tomcat-8.5 after have thorough testing and evaluation on potential changes. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 62146] Support to add customized KeyManager like "trustManagerClassName" did.
https://bz.apache.org/bugzilla/show_bug.cgi?id=62146 Mark Thomaschanged: What|Removed |Added Severity|normal |enhancement --- Comment #2 from Mark Thomas --- Tomcat 8.5.x onwards supports re-reading the entire TLS config - including the key store. I'd recommend a move to 8.5.x. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 62146] Support to add customized KeyManager like "trustManagerClassName" did.
https://bz.apache.org/bugzilla/show_bug.cgi?id=62146 --- Comment #1 from Wang, Simon <18616998...@163.com> --- I filed PR here: https://github.com/apache/tomcat70/pull/15 Any guys could give a hand to take a look at it, whether that's ok? I can file another PR for Tomcat trunk (latest version) separately. I'd prefer to learn your guys feedbacks about this fix. Whether there is potential issues or problems. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 62146] Support to add customized KeyManager like "trustManagerClassName" did.
https://bz.apache.org/bugzilla/show_bug.cgi?id=62146 Wang, Simon <18616998...@163.com> changed: What|Removed |Added OS|Mac OS X 10.1 |All -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org