Hi Jeanfrancois,
not that I want to deny my responsibility.
If I felt being able to do one of the patches,
I would not hesitate. I wouldn't post my thoughts
here, but the ready-made patches instead, of
course. ;-)
But: I think the only persons who really have the
knowledge required to create a migration stylesheet
are the Tomcat developers, as they are the only
persons knowing what tags there actually are, and
how they were changed over the time.
People like me could derive this kind of information
from a DTD or schema, but there is none...
Vicious circle, here! ;-)
But I'll think about starting the XSL-T migration
thing. Maybe we can persuade the Tomcat developers
to add there wisdom.
In fact, I think, it would be possible to start
very simple. The migration wouldn't be completely
done by the stylesheet, but some conversion would
already be done automatically, that has not to be
done by hand. Like removing Factory tags and
changing attribute name Protocol to sslProtocol.
What do you think? Do you think it could be done,
and lead to a really useful result? I'm optimistic,
but I'm only a Tomcat user, not a Tomcat developer,
and so I might overlook the big rock right in my
way... ;-)
Regards
Alex
> -----Original Message-----
> From: Jeanfrancois Arcand [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, December 10, 2003 3:21 PM
> To: Tomcat Users List
> Cc: Ankur Shah
> Subject: Re: TC5 + SSL: Keystore password bound to default "changeit"?
>
>
>
>
> Baer Peter Christoph Alexander wrote:
>
> >Am Dienstag, 9. Dezember 2003 20:54 schrieb Ankur Shah:
> >
> >
> >>Remy Maucherat wrote:
> >>
> >>
> >>>Baer Peter Christoph Alexander wrote:
> >>>
> >>>
> >>>>Hi!
> >>>>
> >>>>I have a question about something, I observe, but don't
> >>>>want to believe... ;-)
> >>>>
> >>>>Tomcat 5 can use my keystore, but only if the password is
> >>>>"changeit", the default password. Now, the docs say, one
> >>>>should use this, but with TC 4.0.6 it was possible to
> >>>>change it. Is the password hard coded in TC 5?
> >>>>
> >>>>
> >>>I didn't test that particular feature myself, but I
> believe this works
> >>>ok.
> >>>The way connectors parameters (and in particular SSL
> parameters) are
> >>>defined changed in TC 5.0.x. Look there:
> >>>http://jakarta.apache.org/tomcat/tomcat-5.0-doc/config/coyote.html
> >>>There's the SSL howto also.
> >>>
> >>>
> >>Also, you might want to make sure that the password of your
> *target key*
> >>matches your keystore password. I'm not sure how that plays out in
> >>tomcat world, but I can see that to be a problem if the
> server assumes
> >>the key's password to be the same as that of the keystore.
> >>
> >>
> >
> ><Thoughts>
> ><Just an idea>
> >server.xml is an XML file. It used to be XML in TC4, and it
> >ist still XML in TC5. Shouldn't it be possible, then, to
> write an XSL-T
> >stylesheet converting old config files into newer formats?
> >That would considerably ease migration/upgrade pains...
> ></Just an idea>
> >
> >
> Yes, it could. You're more than Welcome to submit a patch :-)
>
>
> ><Just an idea>
> >If we had an XML schema definition (be it W3C XML schema,
> >Relax NG or whatever), an XML editor like Pollo or XML Spy
> >could validate the config file. This would help to avoid and
> >reveal mistakes and thus speed up Tomcat configuration...
> ></Just an idea>
> >
> >
> Just search that list on the topic ;-) It is not possible at
> the moment
> to have a DTD or schema for the server.xml (due to its
> complexity). If
> you have time and think you can come with something, a second
> patch is
> welcome!
>
> -- Jeanfrancois
>
> ></Thoughts>
> >
> >Regards
> >
> > Alex
> >
> >---------------------------------------------------------------------
> >To unsubscribe, e-mail: [EMAIL PROTECTED]
> >For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
> >
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
