On 02/05/18 01:48, Mark Boon wrote: > In the Tomcat TLS Connecter configuration, there’s the trustManagerClassName > that can be set to a Java implementation of the X509TrustManager interface. > There’s also a configuration called keystoreFile from which it will read the > certificate-key pair to set up the SSL connection. I was wondering if there’s > also a way to configure a class that will provide the SSL certificate? My > company would like to plug in their own mechanism to store and retrieve > certificates, rather than the Java Key Store. > > I have seen references to a keystoreProvider, but I have been unable to find > anything that provides an example how that is to be used, so I’m not sure > that serves for what I’m looking for. > > Any pointer to how that could be accomplished would be highly appreciated.
Writing a custom Keystore provider would be the most portable solution. https://docs.oracle.com/javase/8/docs/technotes/guides/security/crypto/HowToImplAProvider.html has some pointers. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org