You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@solr.apache.org by "Jan Høydahl (Jira)" <ji...@apache.org> on 2023/01/11 12:11:00 UTC
[jira] [Commented] (SOLR-16616) JWTAuthPlugin: Read trusted X509 certificates from multiple files
[ https://issues.apache.org/jira/browse/SOLR-16616?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17675530#comment-17675530 ]
Jan Høydahl commented on SOLR-16616:
------------------------------------
See PR for details. Going forward we'll support both string and array value:
{code:java}
"trustedCertsFile": "/path/to/aCertFile.pem" {code}
and
{code:java}
"trustedCertsFile": ["/path/to/hostCertFile.pem", "/path/to/caCertFile.pem"] {code}
> JWTAuthPlugin: Read trusted X509 certificates from multiple files
> -----------------------------------------------------------------
>
> Key: SOLR-16616
> URL: https://issues.apache.org/jira/browse/SOLR-16616
> Project: Solr
> Issue Type: Improvement
> Security Level: Public(Default Security Level. Issues are Public)
> Components: Authentication
> Reporter: Jan Høydahl
> Assignee: Jan Høydahl
> Priority: Major
> Time Spent: 1.5h
> Remaining Estimate: 0h
>
> The JWTAuthPlugin supports overriding Java's built-in trustStore for validating SSL certificate of the Identity Provider. Currently we allow user to either specify a path to one file, e.g. {{{}foo.pem{}}}, or to supply the ascii text of the certificate as a string.
> In certain environments, the plugin may need to trust certificates spread across multiple files. This Jira is to implement such support.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org
For additional commands, e-mail: issues-help@solr.apache.org