Summary: | Key password no longer has to be same as keystore password | ||
---|---|---|---|
Product: | Tomcat 7 | Reporter: | Sebb <sebb> |
Component: | Documentation | Assignee: | Tomcat Developers Mailing List <dev> |
Status: | RESOLVED FIXED | ||
Severity: | minor | ||
Priority: | P2 | ||
Version: | trunk | ||
Target Milestone: | --- | ||
Hardware: | PC | ||
OS: | Windows XP |
Description
Sebb
2011-03-13 21:21:14 UTC
Does the following paragraph still apply to Tomcat 7? "Note: your private key password and keystore password should be the same. If they differ, you will get an error along the lines of java.io.IOException: Cannot recover key, as documented in Bugzilla issue 38217, which contains further references for this issue." I cannot get the keyPass attribute to work, so perhaps it is the other way round - the reference to the keyPass attribute should be removed. See also Bug 50928. The attribute "keyPass" is used, but *only* as a default for "keyStorePass". The documentation in http://tomcat.apache.org/tomcat-7.0-doc/config/http.html#SSL_Support says: keyPass : The password used to access the server certificate from the specified keystore file. The default value is "changeit". which is not currently true, so the caveats in SSL Howto do still apply for now. Fixed in 7.0.x and will be in 7.0.12 onwards. |