Sanaullah wrote:
Hi,
is there a way i ca replace plain JKS keystore password with encrypted
password in tomcat server.xml?
This kind of question comes regularly on this list, I would say 2 or 3 times
each year.
Searching the list archives (mentioned in the superb on-line Tomcat documentation) would
provide a number of discussions on the topic.
The basic answer is no, because then Tomcat would need to be able to decrypt it; and to do
that, it would need to know a decryption key; and to know that, this decryption key would
need to be stored somewhere; loop to the beginning of this paragraph.
And if someone non-authorized has access to Tomcat's server.xml, then you have bigger
problems than a non-encrypted password.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
