Timothy, On 6/25/24 10:39, Timothy Resh wrote:
In the SSLPassword="${KSENC(6qkaMErQ==; C:\Certificate\Keystore\Vessel.p12)}"we defined a Class to convert the Encrypted password and set the following properties: public class MyPropertySource implements org.apache.tomcat.util.IntrospectionUtils.PropertySource ... public String getProperty(String arg0) { if (arg0.contains("KSENC(")) { .... System.setProperty("javax.net.ssl.keyStore", keyStorePath); System.setProperty("javax.net.ssl.keyStorePassword", clearText); System.setProperty("javax.net.ssl.trustStore", trustStorePath); System.setProperty("javax.net.ssl.trustStorePassword", clearText); } ... } This class will set the following properties at the beginning of Tomcat init In my debugging I found that it could not determine the store properly. So, I tried putting in the keystoreType="PKCS12 and now it works. I hope this helps. I'm still set up for debugging if you need something looked at.
FYI I /think/ that all the javax.net.ssl.* properties are read only once during JSSE initialization. It's entirely possible that JSSE is configured *before* this code runs and it doesn't have any effect. For JVM-wide properties like these, it's best to set those system properties on the command-line instead of waiting for Java code to set them.
-chris --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
