Uploaded image for project: 'James Server'
  1. James Server
  2. JAMES-3638

Allow alternative keystore formats like PKCS12

    XMLWordPrintableJSON

Details

    Description

      In this tread we discuss enhancements to the IMAP/POP3/SMTP cryptography: https://www.mail-archive.com/server-dev@james.apache.org/msg70772.html

      The need of having alternatives to the JKS keystore format was expressed and support for PKCS12 format requested.

      This change is easy to carry over: have one more parameter to let people express which format they use. This looks like:

           <tls socketTLS="false" startTLS="false">
         <keystore>file://conf/keystore</keystore>
         <keystoreType>PKCS12</keystoreType>
         <secret>yoursecret</secret>
         <provider>org.bouncycastle.jce.provider.BouncyCastleProvider</provider>
         <algorithm>SunX509</algorithm>
     </tls>

      Generation then becomes:

      $ keytool -genkey -alias james -keyalg RSA  -storetype PKCS12  -keystore keystore

      Attachments

        Activity

          People

            Unassigned Unassigned
            btellier Benoit Tellier
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0h
                0h
                Logged:
                Time Spent - 2h 40m
                2h 40m