CXF
  1. CXF
  2. CXF-4204

CXF https transport should support to specify the cert alias name

    Details

    • Type: Improvement Improvement
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2.4.7, 2.5.3, 2.6
    • Component/s: Transports
    • Labels:
      None
    • Estimated Complexity:
      Unknown

      Description

      when use https, the server and client side key store may have multiple private keys and certificates, but currently in CXF there's no way to specify which cert should be used, so if customer keystore has multiple certificates, which one is picked up become uncertain
      Jetty SslContextFactory already provide api

      public void setCertAlias(String certAlias)
      

      since Jetty 7.3.1, CXF should be able to expose this configuration as well.

        Activity

        Freeman Fang created issue -
        Freeman Fang made changes -
        Field Original Value New Value
        Assignee Freeman Fang [ ffang ]
        Freeman Fang made changes -
        Status Open [ 1 ] In Progress [ 3 ]
        Hide
        Freeman Fang added a comment -

        actually it's same case on the client side when configure http:conduit, both client and server side https transport should support to specify the cert alias

        Show
        Freeman Fang added a comment - actually it's same case on the client side when configure http:conduit, both client and server side https transport should support to specify the cert alias
        Freeman Fang made changes -
        Summary CXF http-jetty transport should support to specify the cert alias name when use https CXF https transport should support to specify the cert alias name
        Description when use https, the server side key store may have multiple private keys and certificates, but currently in CXF there's no way to specify which cert should be used, so if customer keystore has multiple certificates, which one is picked up become uncertain
        Jetty SslContextFactory already provide api
        {code}
        public void setCertAlias(String certAlias)
        {code}
        since Jetty 7.3.1, CXF should be able to expose this configuration as well.
        when use https, the server and client side key store may have multiple private keys and certificates, but currently in CXF there's no way to specify which cert should be used, so if customer keystore has multiple certificates, which one is picked up become uncertain
        Jetty SslContextFactory already provide api
        {code}
        public void setCertAlias(String certAlias)
        {code}
        since Jetty 7.3.1, CXF should be able to expose this configuration as well.
        Show
        Freeman Fang added a comment - commit fix http://svn.apache.org/viewvc?rev=1305775&view=rev on trunk http://svn.apache.org/viewvc?rev=1305786&view=rev on 2.5.x branch http://svn.apache.org/viewvc?rev=1305789&view=rev on 2.4.x branch
        Hide
        Freeman Fang added a comment -

        I still need change new added HTTPJettyTransportActivator on trunk to set certAlias

        Show
        Freeman Fang added a comment - I still need change new added HTTPJettyTransportActivator on trunk to set certAlias
        Freeman Fang made changes -
        Status In Progress [ 3 ] Resolved [ 5 ]
        Fix Version/s 2.4.7 [ 12319492 ]
        Fix Version/s 2.5.3 [ 12319491 ]
        Fix Version/s 2.6 [ 12319252 ]
        Resolution Fixed [ 1 ]
        Daniel Kulp made changes -
        Status Resolved [ 5 ] Closed [ 6 ]
        Transition Time In Source Status Execution Times Last Executer Last Execution Date
        Open Open In Progress In Progress
        12h 55m 1 Freeman Fang 27/Mar/12 01:07
        In Progress In Progress Resolved Resolved
        1d 6h 57m 1 Freeman Fang 28/Mar/12 08:05
        Resolved Resolved Closed Closed
        26d 9h 40m 1 Daniel Kulp 23/Apr/12 17:45

          People

          • Assignee:
            Freeman Fang
            Reporter:
            Freeman Fang
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development