You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@solr.apache.org by "Jan Høydahl (Jira)" <ji...@apache.org> on 2023/01/11 12:11:00 UTC

[jira] [Commented] (SOLR-16616) JWTAuthPlugin: Read trusted X509 certificates from multiple files

    [ https://issues.apache.org/jira/browse/SOLR-16616?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17675530#comment-17675530 ] 

Jan Høydahl commented on SOLR-16616:
------------------------------------

See PR for details. Going forward we'll support both string and array value:
{code:java}
"trustedCertsFile": "/path/to/aCertFile.pem" {code}
and
{code:java}
"trustedCertsFile": ["/path/to/hostCertFile.pem", "/path/to/caCertFile.pem"] {code}

> JWTAuthPlugin: Read trusted X509 certificates from multiple files
> -----------------------------------------------------------------
>
>                 Key: SOLR-16616
>                 URL: https://issues.apache.org/jira/browse/SOLR-16616
>             Project: Solr
>          Issue Type: Improvement
>      Security Level: Public(Default Security Level. Issues are Public) 
>          Components: Authentication
>            Reporter: Jan Høydahl
>            Assignee: Jan Høydahl
>            Priority: Major
>          Time Spent: 1.5h
>  Remaining Estimate: 0h
>
> The JWTAuthPlugin supports overriding Java's built-in trustStore for validating SSL certificate of the Identity Provider. Currently we allow user to either specify a path to one file, e.g. {{{}foo.pem{}}}, or to supply the ascii text of the certificate as a string.
> In certain environments, the plugin may need to trust certificates spread across multiple files. This Jira is to implement such support.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org
For additional commands, e-mail: issues-help@solr.apache.org