This week's book giveaway is in the OCMJEA forum.
We're giving away four copies of OCM Java EE 6 Enterprise Architect Exam Guide and have Paul Allen & Joseph Bambara on-line!
See this thread for details.
The moose likes Tomcat and the fly likes how to pass the keystorePass as encrypted password in server.xml for https configuration Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of OCM Java EE 6 Enterprise Architect Exam Guide this week in the OCMJEA forum!
JavaRanch » Java Forums » Products » Tomcat
Bookmark "how to pass the keystorePass as encrypted password in server.xml for https configuration" Watch "how to pass the keystorePass as encrypted password in server.xml for https configuration" New topic
Author

how to pass the keystorePass as encrypted password in server.xml for https configuration

Anantha Reddy
Greenhorn

Joined: Jun 24, 2008
Posts: 12
Hi All

how to pass the keystorePass as encrypted password in server.xml for https configuration?
ex: this is my server.xml

<Connector SSLEnabled="true" scheme="https" secure="true" port="8443"
protocol="HTTP/1.1" clientAuth="false" keystoreFile="C:\ServerDir\certs\CH_Keystore.jks" keystorePass="checpix"
keyAlias="checpix"/>

i want to pass the 'keystorePass' attribtue value as 'encrypted', but its a server or jvm level change require i think, bcz of these keystore
are stored in server level only, not in code level.

is there any way to send encrypted pwd instead of sending plain text password?
or
is there any way to send the keystore file and password through jvm level setting?

Thanks
Ananth
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16022
    
  20

I don't have a clue what you are asking. You don't "pass" the keystore password, you specify it on the server.xml Connector element for TLS. The value is not encrypted because the server.xml file is not something that non-authorized users can look at. At least it isn't if you are following even the most basic security practices for a secure shop.

Customer surveys are for companies who didn't pay proper attention to begin with.
 
Don't get me started about those stupid light bulbs.
 
subject: how to pass the keystorePass as encrypted password in server.xml for https configuration