Most of the changes are now in for this, just some final updates to make
this compatible with alternative file based stores.
On 20/03/14 17:54, Darran Lofthouse wrote:
I have updated the pull request for the schema version bump, once
that
one is in I will get pull requests in for backporting the upstream
changes and enabling support for alternative file based keystores such
as PKCS#12
Regards,
Darran Lofthouse.
On 20/03/14 11:18, Darran Lofthouse wrote:
> I am just tagging a JBoss Negotiation release then I will switch to
> getting this backported.
>
> Once backported it may be easier if we just delete the commit from
> Kabir's branch when he rebases.
>
> From this point forward can we please push less to WildFly 9? ;-) I
> already lost time as I started to work on this for 8 and was then
> diverted by other engineers to push it to 9, I am now going to spend
> time pulling it back to 8!
>
> Regards,
> Darran Lofthouse.
>
>
> On 20/03/14 02:31, Brian Stansberry wrote:
>> It's very similar to the existing commit for WF9/EAP6.3 [1], so if we
>> want the feature in 8.0.1 we should just merge the open PR to bump the
>> core schema versions[2] and then backport that commit.
>>
>> [1]
>>
https://github.com/kabir/wildfly/commit/3f22fcfa81975bf9951003889c4d4af1d...
>>
>>
>> [2]
https://github.com/wildfly/wildfly/pull/5913
>>
>> On 3/19/14, 8:32 PM, Jason T. Greene wrote:
>>> Since this change looks minor, and it comes from a community member
>>> I am
>>> inclined to allow into 8.0.1.
>>>
>>> How bad is the conflict for the other change you are referring to
>>> Darran?
>>>
>>> On Mar 19, 2014, at 5:43 PM, Marek Żupnik <marek.zupnik(a)gmail.com
>>> <mailto:marek.zupnik@gmail.com>> wrote:
>>>
>>>> Hi,
>>>>
>>>> Darran, I understand your point of view, but stable version of 9 will
>>>> be not released tomorrow. Lack of pkcs12 support in 8 is a major
>>>> issue, not to mention that in AS 7 I was able to use this format for
>>>> https private key. I think it will be useful to fix it yet in 8, even
>>>> thought the code with a fix will be thrown away in 9.
>>>>
>>>> I made a pull request with a fix
>>>> (
https://github.com/wildfly/wildfly/pull/6062). It is up to you what
>>>> you do with it.
>>>>
>>>> Thank you for your answers and clarifications.
>>>>
>>>> Kind Regards,
>>>> Marek Zupnik
>>>>
>>>>
>>>> 2014-03-18 18:10 GMT+01:00 Darran Lofthouse
>>>> <darran.lofthouse(a)jboss.com
<mailto:darran.lofthouse@jboss.com>>:
>>>>
>>>> I will have another look if I get a chance to get something
>>>> into 8 but
>>>> in reality a related change in this area (that completely
>>>> conflicts with
>>>> your changes) was pushed to 9 as the consensus was we did not
>>>> want the
>>>> configuration model in this area changing before WildFLy 9.
>>>>
>>>> On 18/03/14 16:30, Marek Żupnik wrote:
>>>> > Hi,
>>>> >
>>>> > Thank You Brian for your comments. I'll try to apply them
>>>> to my
>>>> code. I
>>>> > ask if I will have further questions about it.
>>>> >
>>>> > @Darran, I have a question for you. I wasn't looking into
>>>> development
>>>> > branch so I haven't known about the changes. Is it
possible
>>>> that
>>>> pkcs12
>>>> > support will be merged in Wildfly 8? If not, could my
>>>> change be
>>>> merged
>>>> > earlier? Otherwise, I'm forced to maintain my version of
>>>> Wildfly
>>>> untill
>>>> > no 9 will be released.
>>>> >
>>>> > Kind Regards,
>>>> > Marek Zupnik
>>>> >
>>>> >
>>>> > 2014-03-18 16:20 GMT+01:00 Brian Stansberry
>>>> <brian.stansberry(a)redhat.com
>>>> <mailto:brian.stansberry@redhat.com>
>>>> > <mailto:brian.stansberry@redhat.com
>>>> <mailto:brian.stansberry@redhat.com>>>:
>>>> >
>>>> > Hi Marek,
>>>> >
>>>> > Welcome!
>>>> >
>>>> > I'm going to make a few comments on github re: some
minor
>>>> details of
>>>> > your commit. But please keep an eye on this list for your
>>>> more general
>>>> > question about whether this is how we want to go about
>>>> this.
>>>> I believe
>>>> > Darran Lofthouse was planning some work in this area so
he
>>>> may have some
>>>> > input.
>>>> >
>>>> > Cheers,
>>>> >
>>>> > --
>>>> > Brian Stansberry
>>>> > Senior Principal Software Engineer
>>>> > JBoss by Red Hat
>>>> >
>>>> > On 3/18/14, 8:59 AM, Marek Żupnik wrote:
>>>> > > Hi,
>>>> > >
>>>> > > I'm Marek Zupnik. It's my first message for
this
>>>> list but for
>>>> > some time
>>>> > > I've been keeping my eyes on what's
happening in
>>>> wildfly
>>>> development.
>>>> > >
>>>> > > I'm writing regarding to the issue about lack
of
>>>> support
>>>> for PKCS12
>>>> > > keystores in security realms
>>>> > > (
https://issues.jboss.org/browse/WFLY-2229). I
>>>> wanted to
>>>> migrate my
>>>> > > system to Wildfly but in my case it is a blocking
>>>> issue.
>>>> I have
>>>> > to use
>>>> > > keystore in PKCS12 format in which I'm storing,
among
>>>> others, https
>>>> > > private key.
>>>> > >
>>>> > > I forked Wildfly on github and made a simple fix
for
>>>> this
>>>> issue which
>>>> > > consists in additional parameter
"keystore-type" for
>>>> keystore
>>>> > > configuration. Based on this parameter I'm able
to
>>>> create
>>>> appropriate
>>>> > > keystore type.
>>>> > >
>>>> > > Config sample:
>>>> > > <keystore path="keystore.p12"
>>>> relative-to="jboss.server.config.dir"
>>>> > > keystore-password="xxx"
keystore-type="PKCS12"
>>>> alias="https"/>
>>>> > >
>>>> > > The changes are in my fork on github (keystore_type
>>>> branch):
>>>> > >
https://github.com/mzupnik/wildfly/tree/keystore_type
>>>> > >
>>>> > > Before I will try to do push request, could you
>>>> answer me
>>>> if it is
>>>> > > acceptable solution according to your architecture
>>>> concept? If not,
>>>> > > could you give me some tips how to resolve it in
>>>> other way? I
>>>> > care about
>>>> > > this fix before 9. release.
>>>> > >
>>>> > > Kind Regards,
>>>> > > Marek Zupnik
>>>> > >
>>>> > >
>>>> > > _______________________________________________
>>>> > > wildfly-dev mailing list
>>>> > > wildfly-dev(a)lists.jboss.org
>>>> <mailto:wildfly-dev@lists.jboss.org>
>>>> <mailto:wildfly-dev@lists.jboss.org
>>>> <mailto:wildfly-dev@lists.jboss.org>>
>>>> > >
https://lists.jboss.org/mailman/listinfo/wildfly-dev
>>>> > >
>>>> >
>>>> >
>>>> > _______________________________________________
>>>> > wildfly-dev mailing list
>>>> > wildfly-dev(a)lists.jboss.org
>>>> <mailto:wildfly-dev@lists.jboss.org>
>>>> <mailto:wildfly-dev@lists.jboss.org
>>>> <mailto:wildfly-dev@lists.jboss.org>>
>>>> >
https://lists.jboss.org/mailman/listinfo/wildfly-dev
>>>> >
>>>> >
>>>> >
>>>> >
>>>> > _______________________________________________
>>>> > wildfly-dev mailing list
>>>> > wildfly-dev(a)lists.jboss.org
>>>> <mailto:wildfly-dev@lists.jboss.org>
>>>> >
https://lists.jboss.org/mailman/listinfo/wildfly-dev
>>>> >
>>>> _______________________________________________
>>>> wildfly-dev mailing list
>>>> wildfly-dev(a)lists.jboss.org
<mailto:wildfly-dev@lists.jboss.org>
>>>>
https://lists.jboss.org/mailman/listinfo/wildfly-dev
>>>>
>>>>
>>>> _______________________________________________
>>>> wildfly-dev mailing list
>>>> wildfly-dev(a)lists.jboss.org <mailto:wildfly-dev@lists.jboss.org>
>>>>
https://lists.jboss.org/mailman/listinfo/wildfly-dev
>>>
>>>
>>> _______________________________________________
>>> wildfly-dev mailing list
>>> wildfly-dev(a)lists.jboss.org
>>>
https://lists.jboss.org/mailman/listinfo/wildfly-dev
>>>
>>
>>
> _______________________________________________
> wildfly-dev mailing list
> wildfly-dev(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/wildfly-dev
>