From IRC conversation: this issue needs more details, might not be just IBM JDK related.
<kpiwko> stianst: matzew: IBM is in our certifaction plan...what do you want to say - not supported on IBM? <matzew> kpiwko not saying that. but not sure if that is the highest priority ? <matzew> I am not sure <kpiwko> matzew: I'm not sure about priority...tbh, I'm not sure if that's only IBM jdk related <matzew> kpiwko ah, ok perhaps we need to know more on that first <matzew> heh <kpiwko> matzew: latest investigation with tkriz showed that it is reproducible on IBM probably because some specific field order <kpiwko> e.g. could be reproducible on other JDK as well <matzew> kpiwko yeah <kpiwko> under specific conditions <matzew> kpiwko if I understand this is not a UPS bug, right ? To me sounds like KC specific <kpiwko> as I understand the problem, it is caused by client trying to access self-signed https server while not having truststore setup <kpiwko> bug in KC is related to the fact that if you access it via http first, realmkey is downloaded via http and later it works with https as well <kpiwko> well, it is both <kpiwko> UPS and KC <kpiwko> KC responsible for the feature, UPS for it's usage <kpiwko> matzew: pstribny is trying to setup truststore to EAP's <system-property> in configuration ... this might fix the problem of self-signed certificate <matzew> kpiwko yeah, but KC with XYZ would be the same <kpiwko> depends on realmkey download feature <kpiwko> I don't know whether this is UPS specific usage...or it is planned to be used broadly pre XYZ implementations <kpiwko> if the latter, yes with XYZ would be the same
|