[KNOX-1111] 2-way SSL Truststore and Keystore Improvements - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.3.0
Component/s: Server
Labels:
None

Description

Currently, the DefaultHttpClientFactory is setting the 2-way SSL for dispatches truststore as gateway.jks. This should be driven by configuration and probably default to cacerts rather than gateway.jks.

The client cert alias inside the keystore should be configurable as well so that we can possibly have different certs representing different topologies.

In addition, the keystore to host the client certs should be configurable.

Attachments

Issue Links

is duplicated by

KNOX-1643 Default HttpClient should trust gateway certificate

Closed

is related to

KNOX-1812 The Knox Gateway truststore should be configurable

Closed

KNOX-1818 Update documentation with configurable truststore information

Closed

links to

GitHub Pull Request #74

Activity

People

Assignee:: Robert Levas

Reporter:: Larry McCay

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 08/Nov/17 15:40

Updated:: 21/Oct/19 14:23

Resolved:: 15/Mar/19 17:29

Time Tracking

Estimated:

Not Specified

Remaining:

Logged: