dev@grizzly.java.net

Re: problems of the SNI from Lee

From: Lee You <lee.y.y.you_at_gmail.com>
Date: Thu, 5 Feb 2015 15:37:26 +1300

Hi Alexey,


I coded a custom KeyManager; luckily, it works.


But when I tried to code a custom TrustManager, it failed. And when
changing back to the original way (using the TrustStore file only) from your
sample:

1) serverSslContext.setTrustStoreFile(..) , .setTrustStorePass(…),

2) context = serverSslContext.createSSLContext();

3) new SSLEngineConfigurator(context, false, false, false);



it still failed. Is there something I missed?


*** the .crt was imported into the TrustStore and the browser trusted it
already ***


Thanks

Lee



On 3 February 2015 at 21:25, Lee You <lee.y.y.you_at_gmail.com> wrote:

> Hi Alexey,
>
> Yes, that is true, a specific SSLEngine is needed before the SSL
> handshaking.
>
> To add an interface in SSLEngineConfigurator/SSLContextConfigurator/new
> class for supporting custom KeyManager is really a good idea, then we need
> not care about the keyStore anymore. And our Grizzly will be more
> flexible.
>
> If there is any sample for it that would be great!
>
> Thanks again!
> Lee
>
>
> >>>>>>>>>
> Hi Lee,
>
> If you could set the KeyManager for SSLEngineConfiguration, would it help
> to solve the problem?
> What if inside the custom KeyManager you knew the SNI host of a specific
> SSLEngine (before starting handshake) - would it help?
>
> WBR,
> Alexey.
>
>
>