|Summary:||libtcnative prompts for private key password in some situations|
|Product:||Tomcat Native||Reporter:||Michael Osipov <michaelo>|
|Component:||Library||Assignee:||Tomcat Developers Mailing List <dev>|
Description Michael Osipov 2020-10-19 09:59:55 UTC
Based the discussion here: https://email@example.com/msg136430.html libtcnative might prompt for a password if the given password is wrong or not supplied. This happens only when the private key is encrypted. This has several issues: * It is not guaranteed that stdin is attached to a TTY * No information about the certificate is given. If I have more than one which is it? * Even though Javadocs of libtcnative document it, connector documentation never mentions this. mod_ssl has the SSLPassPhraseDialog where the admin can strictly control how this has to be done. From an admin's POV, I would rather expect an exception in the logs rather than blocking the entire process.