DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=38217>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=38217 Summary: mention that private key password and keystore password need to be the same (avoid "IOException: Cannot recover key") Product: Tomcat 5 Version: 5.5.14 Platform: Other URL: http://tomcat.apache.org/tomcat-5.5-doc/ssl- howto.html#Prepare the Certificate Keystore OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: Connector:Coyote AssignedTo: tomcat-dev@jakarta.apache.org ReportedBy: [EMAIL PROTECTED] As per org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeystorePassword() "keypass" and "keystorePass" are the same. If e.g. with using http://sf.net/projects/portecle, some people are tempted to set a different key on the private key. Then, they get <<Error initializing endpoint java.io.IOException: Cannot recover key at org.apache.tomcat.util.net.jsse.JSSE14SocketFactory.init(JSSE14SocketFactory.java:125) at org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:88) at org.apache.tomcat.util.net.PoolTcpEndpoint.initEndpoint(PoolTcpEndpoint.java:292) at org.apache.coyote.http11.Http11BaseProtocol.init(Http11BaseProtocol.java:137) at org.apache.catalina.connector.Connector.initialize(Connector.java:1016) ...>> It would be great if there were a cautionary note in the ssl-howto.html see also http://www.ponton-consulting.de/en/faq/faq_advanced.html I guess the test at the bottom of http://marc.theaimsgroup.com/?l=tomcat-user&m=109363993616257&w=2 would succeed despite what is claimed... -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]