[KNOX-2434] Knox should fallback to JDK default keystore/truststore type instead of hardcoding JKS - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 1.4.0
Fix Version/s: 1.5.0
Component/s: Server
Labels:
None

Description

Currently Knox has a few configuration options for overriding the keystore/truststore type and if these are not specified it falls back to hardcoded "JKS". This should fallback instead of the JDK default configured keystore/truststore type. This will cause issues when an administrator wants to control the keystore type globally at the JDK level. This happens when doing FIPS crypto modules.

It would be better to use KeyStore.getDefaultType() instead of hardcoding JKS.

Attachments

Issue Links

links to

GitHub Pull Request #366

Activity

People

Assignee:: Kevin Risden

Reporter:: Kevin Risden

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 30/Jul/20 19:37

Updated:: 31/Jul/20 16:32

Resolved:: 31/Jul/20 16:30

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

0.5h