Thanks Chris > It's worth stopping here to note that > Tomcat's keystore and truststore > configuration only effect the connections > coming into Tomcat.over > whatever > <Connector> is being configured with those stores. I thought that may be the case, but needed someone to confirm. I assumed I would have to set the location myself, I was just hoping Tomcat might set something I could use by my code, but sounds like, no.
> Good. Well, not good > but at least SOMETHING is happening. Can you post > exactly that you typed, and where? In the Java tab in the options entry area I added the following lines: -Djavax.net.ssl.trustStore=e:\tomcat8\cert3\mystore -Djavax.net.ssl.trustStorePassword=mypassword -Djavax.net.ssl.keyStore=e:\tomcat8\cert3\mystore -Djavax.net.ssl.keyStorePassword=mypassword And as I mentioned, when I did System.getProperty on these values, the keyStore was set to the value I entered, but the trustStore was not. It was still the value coming in from somewhere else. I don't know how the System property is being set, but using the -D in the service tool did not work. > No filename > extension? That's uncommon, but not necessarily a > problem. In this case, not my choice and hopefully no extension isn't causing an issue. I used what was done prior to my involvement > You'd have to look around in the > configuration utility. There are many > boxes, > but it should be there somewhere. It looks like the config is stored in the registry, I searched that and I do not see mystore anywhere in the registry. > Tomcat itself sets none of > this. If it's in the system properties, > it's because of some explicit configuration > *somewhere*. I believe you when you say it is not Tomcat. But I searched the server and registry, and I just cannot find where it is being set: I thought System properties were either set via env variables (I did a set | more and do not see the value anywhere) or is passed to the jvm using -D (but as I mentioned, when I did this, nothing got set for trustStore, though keyStore did get set). I'm missing something, I just don't know what it is. I could set it directly in my code and that is an option, but I'd like to know hwere that proerpty is coming from before I play with code (to make sure I'm not breaking something else). I'll keep looking for it. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org