Tomcat 9 doesn't load ECDSA keystore

Madhan Raj
Hi all,

This is my connector tag:

<Connector SSLEnabled="true" URIEncoding="UTF-8" maxThreads="200" port="443"
           scheme="https" secure="true"
           protocol="org.apache.coyote.http11.Http11NioProtocol"
           sslImplementationName="org.apache.tomcat.util.net.jsse.JSSEImplementation"
           disableUploadTimeout="true" enableLookups="false"
           maxHttpHeaderSize="8192" minSpareThreads="25">
  <SSLHostConfig sslProtocol="TLS" certificateVerification="none"
                 sessionTimeout="1800"
                 protocols="TLSv1,TLSv1.1,TLSv1.2,TLSv1.3"
                 ciphers="ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:AES256-SHA:DHE-DSS-AES256-SHA:AES128-SHA:DHE-RSA-AES128-SHA"
                 sessionCacheSize="10000">
    <Certificate certificateKeyAlias="tomcat-ecdsa"
                 certificateKeystoreFile="/usr/local/platform/.security/tomcat-ECDSA/certs/tomcat-ECDSA.keystore"
                 certificateKeystorePassword="8o8yeAH2qSJbJ2sn"
                 certificateKeystoreType="PKCS12"
                 type="EC"/>
  </SSLHostConfig>
</Connector>


It doesn't load my EC keystore, whereas it works with RSA. Any insights, please?

Thanks,
Madhan

Re: Tomcat 9 doesn't load ECDSA keystore

Yann Ylavic
Hi Madhan,

Wrong list, consider asking on [hidden email] instead.

Regards,
Yann.

On Wed, Jun 3, 2020 at 3:07 AM Madhan Raj <[hidden email]> wrote:

>
> Hi all,
>
> This is my connector tag:
> <Connector SSLEnabled="true" URIEncoding="UTF-8"  maxThreads="200" port="443"  scheme="https" secure="true" protocol="org.apache.coyote.http11.Http11NioProtocol" sslImplementationName="org.apache.tomcat.util.net.jsse.JSSEImplementation" disableUploadTimeout="true" enableLookups="false" maxHttpHeaderSize="8192" minSpareThreads="25">
> <SSLHostConfig sslProtocol="TLS" certificateVerification="none" sessionTimeout="1800" protocols="TLSv1,TLSv1.1,TLSv1.2,TLSv1.3" ciphers="ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:AES256-SHA:DHE-DSS-AES256-SHA:AES128-SHA:DHE-RSA-AES128-SHA" sessionCacheSize="10000">
> <Certificate certificateKeyAlias="tomcat-ecdsa" certificateKeystoreFile="/usr/local/platform/.security/tomcat-ECDSA/certs/tomcat-ECDSA.keystore" certificateKeystorePassword="8o8yeAH2qSJbJ2sn" certificateKeystoreType="PKCS12" type="EC"/>
> </SSLHostConfig>
> </Connector>
>
>
> It doesn't load my EC keystore, whereas it works with RSA. Any insights, please?
>
> Thanks,
> Madhan

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]


Re: Tomcat 9 doesn't load ECDSA keystore

Madhan Raj
Thanks Yann, will do that.


On Wed, Jun 3, 2020 at 5:53 AM Yann Ylavic <[hidden email]> wrote:
Hi Madhan,

Wrong list, consider asking on [hidden email] instead.

Regards,
Yann.

On Wed, Jun 3, 2020 at 3:07 AM Madhan Raj <[hidden email]> wrote:
>
> Hi all,
>
> This is my connector tag:
> <Connector SSLEnabled="true" URIEncoding="UTF-8"  maxThreads="200" port="443"  scheme="https" secure="true" protocol="org.apache.coyote.http11.Http11NioProtocol" sslImplementationName="org.apache.tomcat.util.net.jsse.JSSEImplementation" disableUploadTimeout="true" enableLookups="false" maxHttpHeaderSize="8192" minSpareThreads="25">
> <SSLHostConfig sslProtocol="TLS" certificateVerification="none" sessionTimeout="1800" protocols="TLSv1,TLSv1.1,TLSv1.2,TLSv1.3" ciphers="ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:AES256-SHA:DHE-DSS-AES256-SHA:AES128-SHA:DHE-RSA-AES128-SHA" sessionCacheSize="10000">
> <Certificate certificateKeyAlias="tomcat-ecdsa" certificateKeystoreFile="/usr/local/platform/.security/tomcat-ECDSA/certs/tomcat-ECDSA.keystore" certificateKeystorePassword="8o8yeAH2qSJbJ2sn" certificateKeystoreType="PKCS12" type="EC"/>
> </SSLHostConfig>
> </Connector>
>
>
> It doesn't load my EC keystore, whereas it works with RSA. Any insights, please?
>
> Thanks,
> Madhan
