You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@knox.apache.org by "Larry McCay (JIRA)" <ji...@apache.org> on 2016/08/22 13:19:20 UTC

[jira] [Created] (KNOX-742) Export Commands in KnoxCLI for the gateway-identity Public Cert

Larry McCay created KNOX-742:
--------------------------------

             Summary: Export Commands in KnoxCLI for the gateway-identity Public Cert
                 Key: KNOX-742
                 URL: https://issues.apache.org/jira/browse/KNOX-742
             Project: Apache Knox
          Issue Type: Improvement
          Components: KnoxCLI
            Reporter: Larry McCay
            Assignee: Larry McCay
             Fix For: 0.10.0


In order for the knox admin to be able to provide a PEM or JKS file with the gateway's public cert, we currently need the admin to use keytool or some other tooling for exporting it.

Keytool isn't always available in deployment environments.

This patch will add an export command to the KnoxCLI that can export the public cert to a PEM encoded file or create a JKS type keystore that can then be used as a client truststore where appropriate.

Something like:

bq. knoxcli.sh export-cert [--type (PEM|JKS)]

Where the optional type argument defaults to PEM.

The exported files will be stored in the {GATEWAY_HOME}/data/security/keystores directory as:

gateway-identity.pem and gateway-client-trust.jks respectively.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)