#10 Support for PKCS #11 KeyStore
Closed: wontfix a year ago by cipherboy. Opened 3 years ago by edewata.

In order to run Tomcat 8.5+ with SSL server certificate and key stored in HSM, the Tomcat HTTP NIO connector needs to be configured with PKCS #11 keystore with JSS as keystore provider.

Currently JSS keystore is not working. It needs to be fixed.


Metadata Update from @cipherboy:
- Custom field component adjusted to None
- Custom field feature adjusted to None
- Custom field origin adjusted to None
- Custom field proposedmilestone adjusted to None
- Custom field proposedpriority adjusted to None
- Custom field reviewer adjusted to None
- Custom field type adjusted to None
- Custom field version adjusted to None

3 years ago

Closing this as WONTFIX. We've added support for a SSLEngine using our KeyStore/KeyManager/TrustManagers provided by JSS into TomcatjSS, while also introducing a JSSEngine implementation of SSLEngine. This means we don't strictly have to work with OpenJDK's SunJSSE-with-SunPKCS11-FIPS's PKCS#11 KeyStore.

Metadata Update from @cipherboy:
- Issue close_status updated to: wontfix
- Issue status updated to: Closed (was: Open)

a year ago

Login to comment on this ticket.

Metadata