[jboss-jira] [JBoss JIRA] (WFLY-2980) TLS client authentication configuration not working
Mike Hostetler (JIRA)
issues at jboss.org
Fri Apr 11 14:04:13 EDT 2014
[ https://issues.jboss.org/browse/WFLY-2980?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12961251#comment-12961251 ]
Mike Hostetler commented on WFLY-2980:
--------------------------------------
We get the same results. Is there a status on this issue?
> TLS client authentication configuration not working
> ---------------------------------------------------
>
> Key: WFLY-2980
> URL: https://issues.jboss.org/browse/WFLY-2980
> Project: WildFly
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Components: Web (Undertow)
> Affects Versions: 8.0.0.Final
> Reporter: dfisher
> Assignee: Tomaz Cerar
>
> Configuration of a security realm with a truststore does not result in an SSL trust manager with the appropriate certificate authorities.
> This configuration:
> {code}
> <security-realm name="HTTPSRealm">
> <server-identities>
> <ssl>
> <keystore alias="server" path="/path/to/my.keystore" keystore-password="changeit" />
> </ssl>
> </server-identities>
> <authentication>
> <truststore path="/path/to/my.truststore" keystore-password="changeit" />
> </authentication>
> </security-realm>
> {code}
> Should expose the certificates in my.truststore as accepted authorities for client authentication.
> An SSL debug shows that no authorities are configured:
> {code}
> *** CertificateRequest
> Cert Types: RSA, DSS, ECDSA
> Cert Authorities:
> <Empty>
> *** ServerHelloDone
> {code}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list