You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@slider.apache.org by "Jonathan Maron (JIRA)" <ji...@apache.org> on 2015/03/02 16:37:04 UTC
[jira] [Updated] (SLIDER-802) Need mechanism for client truststore
and keystore retrieval
[ https://issues.apache.org/jira/browse/SLIDER-802?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jonathan Maron updated SLIDER-802:
----------------------------------
Description:
For applications that take advantage of the certificate store generation feature, there may be a need for the client's to obtain truststores and, optionally, keystores to successfully communicate via SSL to the server-side application components.
One possible approach is a CLI option:
slider ssl-support --keystore <path for generated file> --subj <DN for client>
Some key points:
1) Could use the localhost from where the client is invoked to create the subject DN (CN=<localhost name>) if no subject is specified
2) For clients to access these stores they will need access to store passwords. I believe it's be most appropriate to leverage the Credential Provider facility.
was:
For applications that take advantage of the certificate store generation feature, there may be a need for the client's to obtain truststores and, optionally, keystores to successfully communicate via SSL to the server-side application components.
One possible approach is a CLI option:
slider ssl-support --keystore <path for generated file> --subj <DN for client>
Some key points:
1) Could use the localhost from where the client is invoked to create the subject DN (CN=<localhost name>) if no subject is specified
2) For client's to access these stores they will need access to store passwords. I believe it's be most appropriate to leverage the Credential Provider facility.
> Need mechanism for client truststore and keystore retrieval
> -----------------------------------------------------------
>
> Key: SLIDER-802
> URL: https://issues.apache.org/jira/browse/SLIDER-802
> Project: Slider
> Issue Type: Bug
> Components: client, security
> Reporter: Jonathan Maron
> Assignee: Jonathan Maron
>
> For applications that take advantage of the certificate store generation feature, there may be a need for the client's to obtain truststores and, optionally, keystores to successfully communicate via SSL to the server-side application components.
> One possible approach is a CLI option:
> slider ssl-support --keystore <path for generated file> --subj <DN for client>
> Some key points:
> 1) Could use the localhost from where the client is invoked to create the subject DN (CN=<localhost name>) if no subject is specified
> 2) For clients to access these stores they will need access to store passwords. I believe it's be most appropriate to leverage the Credential Provider facility.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)