import org.apache.tomcat.util.net.SSLSessionManager;
import org.apache.tomcat.util.net.SSLSupport;
+import org.apache.tomcat.util.res.StringManager;
/** JSSESupport
private static final org.apache.juli.logging.Log log =
org.apache.juli.logging.LogFactory.getLog(JSSESupport.class);
+ private static final StringManager sm =
+ StringManager.getManager("org.apache.tomcat.util.net.jsse.res");
+
private static final Map<SSLSession,Integer> keySizeCache =
new WeakHashMap<SSLSession, Integer>();
try {
certs = session.getPeerCertificates();
} catch( Throwable t ) {
- log.debug("Error getting client certs",t);
+ log.debug(sm.getString("jsseSupport.clientCertError"), t);
return null;
}
if( certs==null ) return null;
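Review bot: The key `jsseSupport.clientCertError` used in this `catch( Throwable t )` is reused in the `catch(SSLException sslex)` branch of the handshake read further down, where the old text was the distinct "SSL Error getting client Certs". After this change both failure sites emit the same message, so anyone triaging client-certificate failures from logs can tell them apart only by level and stack trace. Consider a separate key for the handshake case, for example `jsseSupport.handshakeClientCertError` (a name constructed for this note), with its own entry in the properties file. The enclosing method starts and ends outside this hunk.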
x509Certs[i] = (java.security.cert.X509Certificate)
cf.generateCertificate(stream);
} catch(Exception ex) {
- log.info("Error translating cert " + certs[i], ex);
+ log.info(sm.getString(
+ "jseeSupport.certTranslationError", certs[i]), ex);
return null;
}
}
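Review bot: The key passed to `sm.getString` here is spelled `jseeSupport.certTranslationError`, while every other key this commit adds uses the `jsseSupport.` prefix. The properties entry has the same misspelling, so the lookup resolves today. A later correction on only one side would break it, and how StringManager handles a missing key is not visible here. Rename both occurrences to `jsseSupport.certTranslationError`. The loop and method around this hunk begin outside it.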
protected void handShake() throws IOException {
if( ssl.getWantClientAuth() ) {
- log.debug("No client cert sent for want");
+ log.debug(sm.getString("jsseSupport.noCertWant"));
} else {
ssl.setNeedClientAuth(true);
}
if (ssl.getEnabledCipherSuites().length == 0) {
// Handshake is never going to be successful.
// Assume this is because handshakes are disabled
- log.warn("SSL server initiated renegotiation is disabled, closing connection");
+ log.warn(sm.getString("jsseSupport.serverRenegDisabled"));
session.invalidate();
ssl.close();
return;
try {
in.read(b);
} catch(SSLException sslex) {
- log.info("SSL Error getting client Certs",sslex);
+ log.info(sm.getString("jsseSupport.clientCertError"), sslex);
throw sslex;
} catch (IOException e) {
// ignore - presumably the timeout
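Review bot: `jsseSupport.unexpectedData` is added to the properties file, but no visible hunk references it; it may be used in a part of the change not shown. If it is meant for the `in.read(b)` call in this hunk, whose return value is discarded in the lines shown, then the check that would report it is missing. Otherwise the key is dead and is better introduced together with its caller. The try block and the rest of `handShake` continue outside the hunk.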
jsse.keystore_load_failed=Failed to load keystore type {0} with path {1} due to {2}
jsse.invalid_ssl_conf=SSL configuration is invalid due to {0}
jsse.invalid_truststore_password=The provided trust store password could not be used to unlock and/or validate the trust store. Retrying to access the trust store with a null password which will skip validation.
-jsse.invalidTrustManagerClassName=The trustManagerClassName provided [{0}] does not implement javax.net.ssl.TrustManager
\ No newline at end of file
+jsse.invalidTrustManagerClassName=The trustManagerClassName provided [{0}] does not implement javax.net.ssl.TrustManager
+jsseSupport.clientCertError=Error trying to obtain a certificate from the client
+jseeSupport.certTranslationError=Error translating certificate [{0}]
+jsseSupport.noCertWant=No client certificate sent for want
+jsseSupport.serverRenegDisabled=SSL server initiated renegotiation is disabled, closing connection
+jsseSupport.unexpectedData=Unexpected data read from input stream
\ No newline at end of file