cvs commit: jakarta-tomcat-connectors/jni/examples/org/apache/tomcat/jni SSL.properties
mturk 2005/07/05 09:24:06 Modified:jni/examples/org/apache/tomcat/jni SSL.properties Log: Update properties to use the certificates generated with mkcerts script. Revision ChangesPath 1.3 +4 -3 jakarta-tomcat-connectors/jni/examples/org/apache/tomcat/jni/SSL.properties Index: SSL.properties === RCS file: /home/cvs/jakarta-tomcat-connectors/jni/examples/org/apache/tomcat/jni/SSL.properties,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- SSL.properties7 Jun 2005 09:16:59 - 1.2 +++ SSL.properties5 Jul 2005 16:24:06 - 1.3 @@ -1,6 +1,7 @@ # SSL Server and client properties server.port=4443 -server.cert=server.crt -server.key=server.key +server.cert=localhost.crt +server.key=localhost.key +server.password=secret server.ciphers=ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL -#server.password=Certificate password goes here. +server.verify=none \ No newline at end of file - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/jni/examples/org/apache/tomcat/jni SSL.properties SSLServer.java
mturk 2005/06/07 02:16:59 Modified:jni/examples/org/apache/tomcat/jni SSL.properties SSLServer.java Log: Add password property. This is of course insecure, but the real application would obtain a password using some more secure method. Revision ChangesPath 1.2 +1 -0 jakarta-tomcat-connectors/jni/examples/org/apache/tomcat/jni/SSL.properties Index: SSL.properties === RCS file: /home/cvs/jakarta-tomcat-connectors/jni/examples/org/apache/tomcat/jni/SSL.properties,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- SSL.properties6 Jun 2005 08:15:52 - 1.1 +++ SSL.properties7 Jun 2005 09:16:59 - 1.2 @@ -3,3 +3,4 @@ server.cert=server.crt server.key=server.key server.ciphers=ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL +#server.password=Certificate password goes here. 1.2 +5 -3 jakarta-tomcat-connectors/jni/examples/org/apache/tomcat/jni/SSLServer.java Index: SSLServer.java === RCS file: /home/cvs/jakarta-tomcat-connectors/jni/examples/org/apache/tomcat/jni/SSLServer.java,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- SSLServer.java6 Jun 2005 08:15:52 - 1.1 +++ SSLServer.java7 Jun 2005 09:16:59 - 1.2 @@ -22,6 +22,7 @@ public static String serverCert = null; public static String serverKey = null; public static String serverCiphers = null; +public static String serverPassword = null; private static Object threadLock = new Object(); @@ -38,7 +39,8 @@ serverNmax = Integer.decode(props.getProperty(server.max, 1)).intValue(); serverCert = props.getProperty(server.cert, server.pem); serverKey = props.getProperty(server.key, null); -serverCiphers = props.getProperty(server.ciphers, ALL); +serverCiphers = props.getProperty(server.ciphers, ALL); +serverPassword = props.getProperty(server.password, null); } catch (Throwable t) { ; // Nothing @@ -55,7 +57,7 @@ /* List the ciphers that the client is permitted to negotiate. */ SSLContext.setCipherSuite(serverCtx, serverCiphers); /* Load Server key and certificate */ -SSLContext.setCertificate(serverCtx, serverCert, serverKey, null, SSL.SSL_AIDX_RSA); +SSLContext.setCertificate(serverCtx, serverCert, serverKey, serverPassword, SSL.SSL_AIDX_RSA); SSLContext.setVerifyDepth(serverCtx, 10); SSLContext.setVerifyClient(serverCtx, SSL.SSL_CVERIFY_REQUIRE); - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/jni/examples/org/apache/tomcat/jni SSL.properties SSLServer.java
mturk 2005/06/06 01:15:52 Added: jni/examples/org/apache/tomcat/jni SSL.properties SSLServer.java Log: Add Simple SSL Server example. Revision ChangesPath 1.1 jakarta-tomcat-connectors/jni/examples/org/apache/tomcat/jni/SSL.properties Index: SSL.properties === # SSL Server and client properties server.port=4443 server.cert=server.crt server.key=server.key server.ciphers=ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL 1.1 jakarta-tomcat-connectors/jni/examples/org/apache/tomcat/jni/SSLServer.java Index: SSLServer.java === package org.apache.tomcat.jni; import java.util.Properties; import java.io.*; import java.net.*; import java.lang.*; /** SSL Server server example * * @author Mladen Turk * @version $Revision: 1.1 $, $Date: 2005/06/06 08:15:52 $ */ public class SSLServer { public static String serverAddr = null; public static int serverPort= 0; public static int serverNmax= 0; public static long serverPool = 0; public static long serverCtx= 0; public static String serverCert = null; public static String serverKey = null; public static String serverCiphers = null; private static Object threadLock = new Object(); static { try { InputStream is = SSLServer.class.getResourceAsStream (/org/apache/tomcat/jni/SSL.properties); Properties props = new Properties(); props.load(is); is.close(); serverAddr = props.getProperty(server.ip, 127.0.0.1); serverPort = Integer.decode(props.getProperty(server.port, 4443)).intValue(); serverNmax = Integer.decode(props.getProperty(server.max, 1)).intValue(); serverCert = props.getProperty(server.cert, server.pem); serverKey = props.getProperty(server.key, null); serverCiphers = props.getProperty(server.ciphers, ALL); } catch (Throwable t) { ; // Nothing } } public SSLServer() { int i; serverPool = Pool.create(0); try { /* Create SSL Context, one for each Virtual Host */ serverCtx = SSLContext.make(serverPool, SSL.SSL_PROTOCOL_SSLV2 | SSL.SSL_PROTOCOL_SSLV3, SSL.SSL_MODE_SERVER); /* List the ciphers that the client is permitted to negotiate. */ SSLContext.setCipherSuite(serverCtx, serverCiphers); /* Load Server key and certificate */ SSLContext.setCertificate(serverCtx, serverCert, serverKey, null, SSL.SSL_AIDX_RSA); SSLContext.setVerifyDepth(serverCtx, 10); SSLContext.setVerifyClient(serverCtx, SSL.SSL_CVERIFY_REQUIRE); } catch (Exception e) { e.printStackTrace(); } } public static void main(String [] args) { try { Library.initialize(null); SSL.initialize(null); SSLServer server = new SSLServer(); } catch (Exception e) { e.printStackTrace(); } } } - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]