So then could I extend org.apache.tomcat.util.net.JSSEImplementation to create my own implementation and override the getServerSocketFactory() to create one that uses my custom trust manager? Does that sound right to you?
Will that only work with tomcat 5? Is there something that I can do that will be compatible with both 4 and 5? Our application is currently running on 4 but we plan on moving to 5 in the (near?) future. Thanks for your help. Monika. --- Bill Barker <[EMAIL PROTECTED]> wrote: > Firstly, the only SSLServerSocketFactory that > actually does anything is the > one for the deprecated HttpConnector in TC 4. With > the CoyoteConnector, it > is possible to plug in your own SSLImplementation > (which, among other > things, would allow you to install your own > TrustManager), but most people > find this to be too much work. > > Of course, if you want to implement your own > SecurityProvider, than that is > another means to install your own TrustManager ;-). > > "im dolor" <[EMAIL PROTECTED]> wrote in message > news:[EMAIL PROTECTED] > > Hello, > > > > I would like to be able to use CRL checking in > Tomcat. > > I thought that I would implement my own trust > manager > > which would download the crl and check against it > > every time the checkXXXTrusted method is called. > > However, I do not see anywhere in the > configuration > > where it would be possible to cause Tomcat to use > this > > trust manager. I see that there is a parameter in > the > > connector to set the SSLServerSocket factory. I > > suppose that I could implement my own socket > factory > > that used my own TrustManager. However, I see that > the > > dcoumentation calims that i must use the catalina > > version of this class. Why is that? Can I change > it? > > > > Thank you for your help. > > > > > > > > > > > > > > __________________________________ > > Do you Yahoo!? > > New and Improved Yahoo! Mail - 100MB free storage! > > http://promotions.yahoo.com/new_mail > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: > [EMAIL PROTECTED] > For additional commands, e-mail: > [EMAIL PROTECTED] > > __________________________________ Do you Yahoo!? Yahoo! Mail - 50x more storage than other providers! http://promotions.yahoo.com/new_mail --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
