Eric Rescorla wrote: > > Nick Betteridge <[EMAIL PROTECTED]> writes: > > Eric Rescorla wrote: > > > > > > This didn't make it out the first time so I'm resending... > > > > > > I'm looking at what needs to be done to make the 3.3 SSL portablity > > > stuff work properly with Coyote. For the most part, this work has been > > > done--if you set the SSLImplementation appropriately and the correct > > > factory gets invoked. However, there appear to be some issues with > > > CoyoteServerSocketFactory and it's handling of configuration > > > directives: > > > > > > (1) CoyoteServerSocketFactory appears to be willing to handle a > > > "socketFactoryName". AFAICT, this is supplanted by SSLImplementation > > > and none of the other code does anything with it. Any reason not to > > > remove support for this directive entirely? > > > > > > (2) JSSE uses one keyfile (the keystore). PureTLS uses three, the > > > keyfile, the CA file, and the random file. I need to add new > > > directives to ServerSocketFactory to propagate those. > > > > > > > Erik - any chance of implementing this with a generic certificate/key > > factory so that the SocketFactory doesn't just rely on the default > > keystore? > I'm not sure exactly what you're looking for here. Can you provide > an example of how you'd like things to look? >
I'm currently using a simple factory to get around having to rely on the keystore file - all of my certificates are held in a jdo repository - below is the interface I'm using - if you need more, please mail and I'll send it on Rgds Nick public interface PureTLSCertificateFactoryInterface { public String getKeyAlias(); public void setKeyAlias(String alias); public String getKeyPassword(); public void setKeyPassword(String password); // Keys from files public String getKeyStoreFile(); public void setKeyStoreFile(String keyStoreFile); public String getRootFile(); public void setRootFile(String rootFile); public String getRandomFile(); public void setRandomFile(String randomFile); // Keys from streams public InputStream getKeyStoreStream(); public void setKeyStoreStream(InputStream keyStoreFile); public InputStream getRootStream(); public void setRootStream(InputStream rootFile); } -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>