On 12/20/2013 3:50 PM, Anil Saldhana wrote:
On 12/20/2013 02:32 PM, Bill Burke wrote:
>
> On 12/20/2013 3:23 PM, Anil Saldhana wrote:
>> Bill brought out some thoughts in my mind which I want to capture here
>> to see what your thoughts are:
>>
>> * Certificate Management
>> - We need a good system to CRUD certificates. The only good Java based
>> oss I have seen is EJBCA.
>>
> Becoming a CA is way down the road, but my thoughts were that a realm
> could just create client-certs signed with the realm's keypair using
> Bouncycastle APIs. There would be an option to download the truststore
> for the realm (for Java apps). And a text pkcs format (forget the
> actual name) for non-Java apps.
Good idea. But having a CA that helps users manage their certificates
within a particular corporate domain, may be important for an integrated
solution.
CRUD/export-import truststores/keystores.
Short term. Yes, I want to be able to manage user certificates. This
is something Bruno/Aerogear is really interested in too.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com