<div dir="ltr">It's a great news. Thank you for your help.<div><br></div><div>Kind regards,</div><div>Marek Zupnik</div></div><div class="gmail_extra"><br><br><div class="gmail_quote">2014-03-24 12:58 GMT+01:00 Darran Lofthouse <span dir="ltr"><<a href="mailto:darran.lofthouse@jboss.com" target="_blank">darran.lofthouse@jboss.com</a>></span>:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Most of the changes are now in for this, just some final updates to make<br>
this compatible with alternative file based stores.<br>
<div class="HOEnZb"><div class="h5"><br>
On 20/03/14 17:54, Darran Lofthouse wrote:<br>
> I have updated the pull request for the schema version bump, once that<br>
> one is in I will get pull requests in for backporting the upstream<br>
> changes and enabling support for alternative file based keystores such<br>
> as PKCS#12<br>
><br>
> Regards,<br>
> Darran Lofthouse.<br>
><br>
><br>
> On 20/03/14 11:18, Darran Lofthouse wrote:<br>
>> I am just tagging a JBoss Negotiation release then I will switch to<br>
>> getting this backported.<br>
>><br>
>> Once backported it may be easier if we just delete the commit from<br>
>> Kabir's branch when he rebases.<br>
>><br>
>> From this point forward can we please push less to WildFly 9? ;-) I<br>
>> already lost time as I started to work on this for 8 and was then<br>
>> diverted by other engineers to push it to 9, I am now going to spend<br>
>> time pulling it back to 8!<br>
>><br>
>> Regards,<br>
>> Darran Lofthouse.<br>
>><br>
>><br>
>> On 20/03/14 02:31, Brian Stansberry wrote:<br>
>>> It's very similar to the existing commit for WF9/EAP6.3 [1], so if we<br>
>>> want the feature in 8.0.1 we should just merge the open PR to bump the<br>
>>> core schema versions[2] and then backport that commit.<br>
>>><br>
>>> [1]<br>
>>> <a href="https://github.com/kabir/wildfly/commit/3f22fcfa81975bf9951003889c4d4af1d2dbd319" target="_blank">https://github.com/kabir/wildfly/commit/3f22fcfa81975bf9951003889c4d4af1d2dbd319</a><br>
>>><br>
>>><br>
>>> [2] <a href="https://github.com/wildfly/wildfly/pull/5913" target="_blank">https://github.com/wildfly/wildfly/pull/5913</a><br>
>>><br>
>>> On 3/19/14, 8:32 PM, Jason T. Greene wrote:<br>
>>>> Since this change looks minor, and it comes from a community member<br>
>>>> I am<br>
>>>> inclined to allow into 8.0.1.<br>
>>>><br>
>>>> How bad is the conflict for the other change you are referring to<br>
>>>> Darran?<br>
>>>><br>
>>>> On Mar 19, 2014, at 5:43 PM, Marek Żupnik <<a href="mailto:marek.zupnik@gmail.com">marek.zupnik@gmail.com</a><br>
>>>> <mailto:<a href="mailto:marek.zupnik@gmail.com">marek.zupnik@gmail.com</a>>> wrote:<br>
>>>><br>
>>>>> Hi,<br>
>>>>><br>
>>>>> Darran, I understand your point of view, but stable version of 9 will<br>
>>>>> be not released tomorrow. Lack of pkcs12 support in 8 is a major<br>
>>>>> issue, not to mention that in AS 7 I was able to use this format for<br>
>>>>> https private key. I think it will be useful to fix it yet in 8, even<br>
>>>>> thought the code with a fix will be thrown away in 9.<br>
>>>>><br>
>>>>> I made a pull request with a fix<br>
>>>>> (<a href="https://github.com/wildfly/wildfly/pull/6062" target="_blank">https://github.com/wildfly/wildfly/pull/6062</a>). It is up to you what<br>
>>>>> you do with it.<br>
>>>>><br>
>>>>> Thank you for your answers and clarifications.<br>
>>>>><br>
>>>>> Kind Regards,<br>
>>>>> Marek Zupnik<br>
>>>>><br>
>>>>><br>
>>>>> 2014-03-18 18:10 GMT+01:00 Darran Lofthouse<br>
>>>>> <<a href="mailto:darran.lofthouse@jboss.com">darran.lofthouse@jboss.com</a> <mailto:<a href="mailto:darran.lofthouse@jboss.com">darran.lofthouse@jboss.com</a>>>:<br>
>>>>><br>
>>>>> I will have another look if I get a chance to get something<br>
>>>>> into 8 but<br>
>>>>> in reality a related change in this area (that completely<br>
>>>>> conflicts with<br>
>>>>> your changes) was pushed to 9 as the consensus was we did not<br>
>>>>> want the<br>
>>>>> configuration model in this area changing before WildFLy 9.<br>
>>>>><br>
>>>>> On 18/03/14 16:30, Marek Żupnik wrote:<br>
>>>>> > Hi,<br>
>>>>> ><br>
>>>>> > Thank You Brian for your comments. I'll try to apply them<br>
>>>>> to my<br>
>>>>> code. I<br>
>>>>> > ask if I will have further questions about it.<br>
>>>>> ><br>
>>>>> > @Darran, I have a question for you. I wasn't looking into<br>
>>>>> development<br>
>>>>> > branch so I haven't known about the changes. Is it possible<br>
>>>>> that<br>
>>>>> pkcs12<br>
>>>>> > support will be merged in Wildfly 8? If not, could my<br>
>>>>> change be<br>
>>>>> merged<br>
>>>>> > earlier? Otherwise, I'm forced to maintain my version of<br>
>>>>> Wildfly<br>
>>>>> untill<br>
>>>>> > no 9 will be released.<br>
>>>>> ><br>
>>>>> > Kind Regards,<br>
>>>>> > Marek Zupnik<br>
>>>>> ><br>
>>>>> ><br>
>>>>> > 2014-03-18 16:20 GMT+01:00 Brian Stansberry<br>
>>>>> <<a href="mailto:brian.stansberry@redhat.com">brian.stansberry@redhat.com</a><br>
>>>>> <mailto:<a href="mailto:brian.stansberry@redhat.com">brian.stansberry@redhat.com</a>><br>
>>>>> > <mailto:<a href="mailto:brian.stansberry@redhat.com">brian.stansberry@redhat.com</a><br>
>>>>> <mailto:<a href="mailto:brian.stansberry@redhat.com">brian.stansberry@redhat.com</a>>>>:<br>
>>>>> ><br>
>>>>> > Hi Marek,<br>
>>>>> ><br>
>>>>> > Welcome!<br>
>>>>> ><br>
>>>>> > I'm going to make a few comments on github re: some minor<br>
>>>>> details of<br>
>>>>> > your commit. But please keep an eye on this list for your<br>
>>>>> more general<br>
>>>>> > question about whether this is how we want to go about<br>
>>>>> this.<br>
>>>>> I believe<br>
>>>>> > Darran Lofthouse was planning some work in this area so he<br>
>>>>> may have some<br>
>>>>> > input.<br>
>>>>> ><br>
>>>>> > Cheers,<br>
>>>>> ><br>
>>>>> > --<br>
>>>>> > Brian Stansberry<br>
>>>>> > Senior Principal Software Engineer<br>
>>>>> > JBoss by Red Hat<br>
>>>>> ><br>
>>>>> > On 3/18/14, 8:59 AM, Marek Żupnik wrote:<br>
>>>>> > > Hi,<br>
>>>>> > ><br>
>>>>> > > I'm Marek Zupnik. It's my first message for this<br>
>>>>> list but for<br>
>>>>> > some time<br>
>>>>> > > I've been keeping my eyes on what's happening in<br>
>>>>> wildfly<br>
>>>>> development.<br>
>>>>> > ><br>
>>>>> > > I'm writing regarding to the issue about lack of<br>
>>>>> support<br>
>>>>> for PKCS12<br>
>>>>> > > keystores in security realms<br>
>>>>> > > (<a href="https://issues.jboss.org/browse/WFLY-2229" target="_blank">https://issues.jboss.org/browse/WFLY-2229</a>). I<br>
>>>>> wanted to<br>
>>>>> migrate my<br>
>>>>> > > system to Wildfly but in my case it is a blocking<br>
>>>>> issue.<br>
>>>>> I have<br>
>>>>> > to use<br>
>>>>> > > keystore in PKCS12 format in which I'm storing, among<br>
>>>>> others, https<br>
>>>>> > > private key.<br>
>>>>> > ><br>
>>>>> > > I forked Wildfly on github and made a simple fix for<br>
>>>>> this<br>
>>>>> issue which<br>
>>>>> > > consists in additional parameter "keystore-type" for<br>
>>>>> keystore<br>
>>>>> > > configuration. Based on this parameter I'm able to<br>
>>>>> create<br>
>>>>> appropriate<br>
>>>>> > > keystore type.<br>
>>>>> > ><br>
>>>>> > > Config sample:<br>
>>>>> > > <keystore path="keystore.p12"<br>
>>>>> relative-to="jboss.server.config.dir"<br>
>>>>> > > keystore-password="xxx" keystore-type="PKCS12"<br>
>>>>> alias="https"/><br>
>>>>> > ><br>
>>>>> > > The changes are in my fork on github (keystore_type<br>
>>>>> branch):<br>
>>>>> > > <a href="https://github.com/mzupnik/wildfly/tree/keystore_type" target="_blank">https://github.com/mzupnik/wildfly/tree/keystore_type</a><br>
>>>>> > ><br>
>>>>> > > Before I will try to do push request, could you<br>
>>>>> answer me<br>
>>>>> if it is<br>
>>>>> > > acceptable solution according to your architecture<br>
>>>>> concept? If not,<br>
>>>>> > > could you give me some tips how to resolve it in<br>
>>>>> other way? I<br>
>>>>> > care about<br>
>>>>> > > this fix before 9. release.<br>
>>>>> > ><br>
>>>>> > > Kind Regards,<br>
>>>>> > > Marek Zupnik<br>
>>>>> > ><br>
>>>>> > ><br>
>>>>> > > _______________________________________________<br>
>>>>> > > wildfly-dev mailing list<br>
>>>>> > > <a href="mailto:wildfly-dev@lists.jboss.org">wildfly-dev@lists.jboss.org</a><br>
>>>>> <mailto:<a href="mailto:wildfly-dev@lists.jboss.org">wildfly-dev@lists.jboss.org</a>><br>
>>>>> <mailto:<a href="mailto:wildfly-dev@lists.jboss.org">wildfly-dev@lists.jboss.org</a><br>
>>>>> <mailto:<a href="mailto:wildfly-dev@lists.jboss.org">wildfly-dev@lists.jboss.org</a>>><br>
>>>>> > > <a href="https://lists.jboss.org/mailman/listinfo/wildfly-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/wildfly-dev</a><br>
>>>>> > ><br>
>>>>> ><br>
>>>>> ><br>
>>>>> > _______________________________________________<br>
>>>>> > wildfly-dev mailing list<br>
>>>>> > <a href="mailto:wildfly-dev@lists.jboss.org">wildfly-dev@lists.jboss.org</a><br>
>>>>> <mailto:<a href="mailto:wildfly-dev@lists.jboss.org">wildfly-dev@lists.jboss.org</a>><br>
>>>>> <mailto:<a href="mailto:wildfly-dev@lists.jboss.org">wildfly-dev@lists.jboss.org</a><br>
>>>>> <mailto:<a href="mailto:wildfly-dev@lists.jboss.org">wildfly-dev@lists.jboss.org</a>>><br>
>>>>> > <a href="https://lists.jboss.org/mailman/listinfo/wildfly-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/wildfly-dev</a><br>
>>>>> ><br>
>>>>> ><br>
>>>>> ><br>
>>>>> ><br>
>>>>> > _______________________________________________<br>
>>>>> > wildfly-dev mailing list<br>
>>>>> > <a href="mailto:wildfly-dev@lists.jboss.org">wildfly-dev@lists.jboss.org</a><br>
>>>>> <mailto:<a href="mailto:wildfly-dev@lists.jboss.org">wildfly-dev@lists.jboss.org</a>><br>
>>>>> > <a href="https://lists.jboss.org/mailman/listinfo/wildfly-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/wildfly-dev</a><br>
>>>>> ><br>
>>>>> _______________________________________________<br>
>>>>> wildfly-dev mailing list<br>
>>>>> <a href="mailto:wildfly-dev@lists.jboss.org">wildfly-dev@lists.jboss.org</a> <mailto:<a href="mailto:wildfly-dev@lists.jboss.org">wildfly-dev@lists.jboss.org</a>><br>
>>>>> <a href="https://lists.jboss.org/mailman/listinfo/wildfly-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/wildfly-dev</a><br>
>>>>><br>
>>>>><br>
>>>>> _______________________________________________<br>
>>>>> wildfly-dev mailing list<br>
>>>>> <a href="mailto:wildfly-dev@lists.jboss.org">wildfly-dev@lists.jboss.org</a> <mailto:<a href="mailto:wildfly-dev@lists.jboss.org">wildfly-dev@lists.jboss.org</a>><br>
>>>>> <a href="https://lists.jboss.org/mailman/listinfo/wildfly-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/wildfly-dev</a><br>
>>>><br>
>>>><br>
>>>> _______________________________________________<br>
>>>> wildfly-dev mailing list<br>
>>>> <a href="mailto:wildfly-dev@lists.jboss.org">wildfly-dev@lists.jboss.org</a><br>
>>>> <a href="https://lists.jboss.org/mailman/listinfo/wildfly-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/wildfly-dev</a><br>
>>>><br>
>>><br>
>>><br>
>> _______________________________________________<br>
>> wildfly-dev mailing list<br>
>> <a href="mailto:wildfly-dev@lists.jboss.org">wildfly-dev@lists.jboss.org</a><br>
>> <a href="https://lists.jboss.org/mailman/listinfo/wildfly-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/wildfly-dev</a><br>
>><br>
_______________________________________________<br>
wildfly-dev mailing list<br>
<a href="mailto:wildfly-dev@lists.jboss.org">wildfly-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/wildfly-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/wildfly-dev</a></div></div></blockquote></div><br></div>