Ticket #1648 [RFE] provide separate cipher lists for CS instances acting as client and server This patch provides subsystem->subsystem cipher configuration when acting as a client

1 files changed, 8 insertions, 2 deletions

diff --git a/base/tps/src/org/dogtagpki/server/tps/cms/ConnectionManager.java b/base/tps/src/org/dogtagpki/server/tps/cms/ConnectionManager.java
index 2b5ab2208..692d4ba87 100644
--- a/base/tps/src/org/dogtagpki/server/tps/cms/ConnectionManager.java
+++ b/base/tps/src/org/dogtagpki/server/tps/cms/ConnectionManager.java
@@ -178,6 +178,12 @@ public class ConnectionManager
             CMS.debug("ConnectionManager: createConnector(): nickName not found in config");
             throw new EBaseException("nickName not found in config");
         }
+        /*
+         * if tps.connector.<ca>.clientCiphers is specified, it will
+         * override the default;  If it is not specified, default will
+         * be used.
+         */
+        String clientCiphers = conf.getString("clientCiphers", null);
 
         // "resendInterval" is for Request Queue, and not supported in TPS
         int resendInterval = -1;
@@ -188,10 +194,10 @@ public class ConnectionManager
         CMS.debug("ConnectionManager: createConnector(): establishing HttpConnector");
         if (timeout == 0) {
             connector =
-                    new HttpConnector(null, nickname, remauthority, resendInterval, conf);
+                    new HttpConnector(null, nickname, clientCiphers, remauthority, resendInterval, conf);
         } else {
             connector =
-                    new HttpConnector(null, nickname, remauthority, resendInterval, conf, timeout);
+                    new HttpConnector(null, nickname, clientCiphers, remauthority, resendInterval, conf, timeout);
         }
 
         CMS.debug("ConnectionManager: createConnector(): ends.");