[jboss-jira] [JBoss JIRA] (WFLY-6839) It is impossible configure KeyStore ValidatingAlias in picketlink-federation subsystem same as in picketlink.xml

Hynek Švábek (JIRA) issues at jboss.org
Mon Jul 18 04:46:01 EDT 2016 

     [ https://issues.jboss.org/browse/WFLY-6839?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Hynek Švábek updated WFLY-6839:
-------------------------------
    Description: 
In picketlink.xml configuration file I can define multiple ValidatingAlias for same certificate alias.
{code}
<KeyProvider ClassName="org.picketlink.identity.federation.core.impl.KeyStoreKeyManager">
...
...
    <ValidatingAlias Key="localhost" Value="servercert" />
    <ValidatingAlias Key="127.0.0.1" Value="servercert" />
</KeyProvider>
{code}

But in subsystem configuration I cannot do this.


*Workaround*
You can clone your certificate in keystore under different alias and then add new validating alias with this value.

  was:
In picketlink.xml configuration file I can define multiple ValidatingAlias for same certificate alias.
{code}
<KeyProvider ClassName="org.picketlink.identity.federation.core.impl.KeyStoreKeyManager">
...
...
    <ValidatingAlias Key="localhost" Value="servercert" />
    <ValidatingAlias Key="127.0.0.1" Value="servercert" />
</KeyProvider>
{code}

But in subsystem configuration I cannot do this.


Workaround
You can clone your certificate in keystore under different alias and then add new validating alias with this value.



> It is impossible configure KeyStore ValidatingAlias in picketlink-federation subsystem same as in picketlink.xml
> ----------------------------------------------------------------------------------------------------------------
>
>                 Key: WFLY-6839
>                 URL: https://issues.jboss.org/browse/WFLY-6839
>             Project: WildFly
>          Issue Type: Bug
>          Components: CLI
>            Reporter: Hynek Švábek
>            Assignee: Alexey Loubyansky
>
> In picketlink.xml configuration file I can define multiple ValidatingAlias for same certificate alias.
> {code}
> <KeyProvider ClassName="org.picketlink.identity.federation.core.impl.KeyStoreKeyManager">
> ...
> ...
>     <ValidatingAlias Key="localhost" Value="servercert" />
>     <ValidatingAlias Key="127.0.0.1" Value="servercert" />
> </KeyProvider>
> {code}
> But in subsystem configuration I cannot do this.
> *Workaround*
> You can clone your certificate in keystore under different alias and then add new validating alias with this value.



--
This message was sent by Atlassian JIRA
(v6.4.11#64026)

More information about the jboss-jira mailing list