Uploaded image for project: 'Apache Knox'
  1. Apache Knox
  2. KNOX-1111

2-way SSL Truststore and Keystore Improvements

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 1.3.0
    • Component/s: Server
    • Labels:
      None

      Description

      Currently, the DefaultHttpClientFactory is setting the 2-way SSL for dispatches truststore as gateway.jks. This should be driven by configuration and probably default to cacerts rather than gateway.jks.

      The client cert alias inside the keystore should be configurable as well so that we can possibly have different certs representing different topologies.

      In addition, the keystore to host the client certs should be configurable.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                rlevas Robert Levas
                Reporter:
                lmccay Larry McCay
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 1h
                  1h