[DIRSERVER-2262] The LdapServer.loadkeyStore() method do the work twice if there is no KeyStore defined - ASF JIRA

Watch issue

Link

Clone

Update Comment Author

Replace String in Comment

Update Comment Visibility

Delete Comments

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 2.0.0.AM25
Fix Version/s: 2.0.0.AM26
Component/s: None
Labels:
None

Description

When initializing the server, we call the loadkeyStore method to load the KeyStore. If there is none configured, we create a internal one that will be used to manage SSL/TLS communication.

The thing is that before initializing the KeyManagerFactory, we check the KeyStore, which generates a private key and a certificate. the following methods are called :

o CoreKeyStoreSpi.engineLoad()
o CoreKeyStoreSpi.engineAliases()
o CoreKeyStoreSpi.engineIsKeyEntry()
o CoreKeyStoreSpi.engineGetCertificateChain()
o CoreKeyStoreSpi.engineGetKey()

then :

o CoreKeyStoreSpi.engineAliases()
o CoreKeyStoreSpi.engineIsKeyEntry()
o CoreKeyStoreSpi.engineGetKey()
o CoreKeyStoreSpi.engineGetCertificateChain()
o CoreKeyStoreSpi.getCertificate()

We also fetch the admin user 4 times in the process...

That could be simplified.

Attachments

Activity

Comment

This comment will be Viewable by All Users Viewable by All Users

Cancel

People

Assignee:: Unassigned

Reporter:: Emmanuel Lécharny

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 15/Jan/19 10:24

Updated:: 07/Jun/19 09:42

Resolved:: 07/Jun/19 09:42

Agile

View on Board

The LdapServer.loadkeyStore() method do the work twice if there is no KeyStore defined