@@ -37,29 +37,28 @@ <h1>Using SSL</h1>
3737 logging events over the network.
3838 </ p >
3939
40- < p > Logback Classic supports two SSL-enabled logging servers.
41- < ul >
42- < li > The < a href ="../xref/ch/qos/logback/classic/net/server/SSLSocketServer.html ">
43- < code > SSLSocketServer</ code > </ a > is a logging server component
44- that can be added to any Logback configuration file (e.g.
45- < em > logback.xml</ em > ) to allow logging events to be
46- received from a remote logger and logged according to the
47- local configuration.
48- </ li >
49- < li > For those who are presently using
50- < a href ="../xref/ch/qos/logback/classic/net/SimpleSocketServer.html ">
51- < code > SimpleSocketServer</ code > </ a > and simply want to start
52- using < code > SSLSocketAppender</ code > to deliver logging
53- events over a secure channel, Logback Classic provides the
54- < a href ="../xref/ch/qos/logback/classic/net/SimpleSSLSocketServer.html ">
55- < code > SimpleSSLSocketServer</ code > </ a > . This server
56- supports the same command line interface as the plain old
57- < code > SimpleSocketServer</ code > , while offering secure
58- transport for logging events over the network.
59- </ li >
60- </ ul >
61- </ p >
62-
40+ < p > Logback Classic supports two SSL-enabled logging servers.</ p >
41+ < ul >
42+ < li > The < a href ="../xref/ch/qos/logback/classic/net/server/SSLSocketServer.html ">
43+ < code > SSLSocketServer</ code > </ a > is a logging server component
44+ that can be added to any Logback configuration file (e.g.
45+ < em > logback.xml</ em > ) to allow logging events to be
46+ received from a remote logger and logged according to the
47+ local configuration.
48+ </ li >
49+ < li > For those who are presently using
50+ < a href ="../xref/ch/qos/logback/classic/net/SimpleSocketServer.html ">
51+ < code > SimpleSocketServer</ code > </ a > and simply want to start
52+ using < code > SSLSocketAppender</ code > to deliver logging
53+ events over a secure channel, Logback Classic provides the
54+ < a href ="../xref/ch/qos/logback/classic/net/SimpleSSLSocketServer.html ">
55+ < code > SimpleSSLSocketServer</ code > </ a > . This server
56+ supports the same command line interface as the plain old
57+ < code > SimpleSocketServer</ code > , while offering secure
58+ transport for logging events over the network.
59+ </ li >
60+ </ ul >
61+ s
6362 < h2 class ="doAnchor "> SSL and X.509 Certificates</ h2 >
6463 < p > In order to use SSL-enabled Logback components, you will need an
6564 X.509 credential (a private key, corresponding certificate,
@@ -259,6 +258,7 @@ <h3 class="doAnchor"><a name="SSLConfiguration"></a>
259258 the application's classpath. You could alternatively
260259 specify a < code > file:</ code > URL to identify the location of
261260 the key store.
261+ </ p >
262262 < p > If you wanted to use < code > SSLSocketAppender</ code > in your
263263 application's logback configuration, but did not want to change
264264 the application's default trust store using the JSSE
@@ -295,7 +295,7 @@ <h4>SSL Configuration Properties</h4>
295295 Logback's SSL support makes nearly all of them available for
296296 you to specify in your server or appender configuration.
297297 When using XML configuration, SSL properties are introduced to
298- these components by nesting an << ssl > element in the appender
298+ these components by nesting an <ssl> element in the appender
299299 or server configuration. This configuration element corresponds
300300 to the
301301 < a href ="../xref/ch/qos/logback/core/net/ssl/SSLConfiguration.html ">
@@ -332,7 +332,6 @@ <h4>SSL Configuration Properties</h4>
332332 < a href ="#KeyManagerFactoryFactoryBean "> Key Manager Factory
333333 Configuration</ a >
334334 below.
335- </ p >
336335 </ td >
337336 </ tr >
338337 < tr >
@@ -391,7 +390,6 @@ <h4>SSL Configuration Properties</h4>
391390 < a href ="http://docs.oracle.com/javase/1.5.0/docs/guide/security/jsse/JSSERefGuide.html ">
392391 JSSE Reference Guide</ a > . The Java platform's default protocol
393392 will be used if this property is not configured.
394- </ p >
395393 </ td >
396394 </ tr >
397395 < tr >
@@ -402,7 +400,6 @@ <h4>SSL Configuration Properties</h4>
402400 < a href ="http://docs.oracle.com/javase/1.5.0/docs/api/javax/net/ssl/SSLContext.html ">
403401 < code > SSLContext</ code > </ a > . The Java platform's default JSSE
404402 provider will be used if this property is not configured.
405- </ p >
406403 </ td >
407404 </ tr >
408405 < tr >
@@ -417,7 +414,6 @@ <h4>SSL Configuration Properties</h4>
417414 if this property is not configured. See
418415 < a href ="#SecureRandomFactoryBean "> Secure Random Generator
419416 Configuration</ a > below.
420- </ p >
421417 </ td >
422418 </ tr >
423419 < tr >
@@ -431,7 +427,6 @@ <h4>SSL Configuration Properties</h4>
431427 factory will be used if this property is not configured. See
432428 < a href ="#TrustManagerFactoryFactoryBean "> Trust Manager Factory</ a >
433429 below.
434- </ p >
435430 </ td >
436431 </ tr >
437432 < tr >
@@ -504,6 +499,7 @@ <h4 class="doAnchor"><a name="KeyStoreFactoryBean"></a>
504499 platform's default key store provider will be used if this
505500 property is not configured.
506501 </ td >
502+ </ tr >
507503 < tr >
508504 < td > < span class ="prop " container ="keyStore "> type</ span > </ td >
509505 < td > < code > String</ code > </ td >
@@ -516,7 +512,6 @@ <h4 class="doAnchor"><a name="KeyStoreFactoryBean"></a>
516512 is not configured.
517513 </ td >
518514 </ tr >
519- </ tr >
520515 </ table >
521516
522517 < h4 > < a name ="KeyManagerFactoryFactoryBean "> </ a >
@@ -771,12 +766,12 @@ <h3>Creating and Using a Self-Signed Logging Server Credential</h3>
771766
772767 < h4 > Creating the logging server credential:</ h4 >
773768 < p > The following command will generate the self-signed client
774- credential in a file named < em > server.keystore</ em > .
775- < pre class ="source "> keytool -genkey -alias server -dname " CN=my-logging-server" \
769+ credential in a file named < em > server.keystore</ em > .</ p >
770+ < pre class ="source "> keytool -genkey -alias server -dname " CN=my-logging-server" \
776771 -keyalg RSA -validity 365 -keystore server.keystore
777772Enter keystore password: <Enter password of your choosing>
778773Re-enter new password: <Re-enter same password>
779- Enter key password for < my-logging-server >
774+ Enter key password for < my-logging-server>
780775 (RETURN if same as keystore password): <Press RETURN>
781776</ pre >
782777
@@ -799,7 +794,7 @@ <h4>Creating a trust store for appender clients:</h4>
799794 server's certificate needs to be exported from the key store
800795 created in the previous step, and imported into a trust store. The
801796 following commands will export the certificate and import it into
802- a trust store named < em > server.truststore</ em > .
797+ a trust store named < em > server.truststore</ em > .</ p >
803798
804799 < pre class ="source "> keytool -export -rfc -alias server -keystore server.keystore \
805800 -file server.crt
@@ -960,6 +955,7 @@ <h2>Auditing the SSL Configuration</h2>
960955 not remain enabled in production settings after the configuration
961956 has been validated. Audit logging is disabled when the
962957 < code > debug</ code > property is removed or set to < code > false</ code > .
958+ </ p >
963959
964960 < h2 > Resolving SSL Exceptions</ h2 >
965961 < p > When using < code > SSLSocketAppender</ code > , the appender acts
0 commit comments