jaikiran pai created WFCORE-1597:
------------------------------------
Summary: Do a lenient case insensitive check for JKS keystore provider type
in the configured truststore of a security realm
Key: WFCORE-1597
URL:
https://issues.jboss.org/browse/WFCORE-1597
Project: WildFly Core
Issue Type: Enhancement
Components: Domain Management
Affects Versions: 3.0.0.Alpha1, 2.2.0.CR2
Environment: WildFly 10.0.0.Final
Reporter: jaikiran pai
Assignee: Brian Stansberry
One of the users of WildFly 10.0.0.Final reports that when he configured the truststore as
follows:
{code}
<truststore provider="jks" path="server.truststore"
relative-to="jboss.server.config.dir"
keystore-password="#######"/>
{code}
Notice the value for provider - it's lower case jks. Apparently this causes issues and
the truststore doesn't work. It works when the value is set to JKS instead.
Looking at the code in SecurityRealmAddHandler it does a case sensitive check on the value
to see if it's a JKS provider and if it is, only then does it use the configured
keystore relative path. Otherwise, it just ignores the keystore relative path and leads to
hard to debug SSL issues.
I think it would be better to do a case insensitive check to see if JKS is the configured
keystore provider.
The relevant forum thread discussion is here
https://developer.jboss.org/message/958142#958142
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)