On Fri, 3 Jun 2016, 17:18 Martin Choma <mchoma(a)redhat.com> wrote:
I have couple of questions regarding self-signed certificate
What happens, when autogenerated certificate expires?
I think we would go for ten year expiry so that would not be an issue. The
developer could just delete the store and generate a new one anyway.
How it will be decided if certificate should be autogenerate or not?
An attribute in the management model would be needed to explicitly enable
What will be default keysize? It has to be probably choosen to work also
> without "Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction
Probably the largest that is supported without JCE. It does not matter that
much, self signed certs are inherently insecure, this is a developer
usability feature, not something that can be used in production.
Thu, Jun 2, 2016 at 10:01 PM, Stuart Douglas <
> stuart.w.douglas(a)gmail.com> wrote:
>> So I guess we should talk about how this should
>> In terms of auto generating the key I was thinking we
would need to add a
>> new attribute to the 'keystore' element under the security realm,
>> like 'auto-generate-cert-host="localhost"'. I am not sure what
>> options we would need, or how configurable we should make it, but as this
>> is for testing/development purposes I don't think we need to expose full
>> control over the certificate generation process.
>> In terms of the implementation we could just implement
>> wrapper, that can do the generation and then create a 'real' SSLContext
>> first time it is asked to create and SSLEngine.
>> On Fri, Jun 3, 2016 at 3:19 AM, Jason Greene
>>> > On Jun 2, 2016, at 11:29 AM, Harold Campbell
>>> > On Thu, 2016-06-02
at 09:22 +1000, Stuart Douglas wrote:
>>> >> Hi All,
>>> >> I would like
to propose that we add support for HTTP/2 out of the box
>>> >> in Wildfly 10.1.
>>> > This lowly user desperately wants a release
containing the fix to WFLY-
>>> > 6283 sooner rather than later. I'm sure other people have other pet
>>> > bugs awaiting release.
>>> > I have no opinion
on HTTP/2 being added other than to ask that pent up
>>> > bug fixes be kept in mind.
>>> Hi Harold,
>>> That fix is already in
master, so it will be included in 10.1.
>>> Jason T. Greene
>>> WildFly Lead / JBoss EAP Platform Architect
>>> JBoss, a division of Red Hat
>> wildfly-dev mailing list