[jboss-jira] [JBoss JIRA] (ELY-405) Add a KeyStore implementation backed by LDAP
Jan Kalina (JIRA)
issues at jboss.org
Mon Jul 18 15:12:00 EDT 2016
[ https://issues.jboss.org/browse/ELY-405?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13267073#comment-13267073 ]
Jan Kalina commented on ELY-405:
--------------------------------
objectClasses and attributes usable for this:
* inetOrgPerson
** certificate - X.509 certificate of user
** userSMIMECertificate - PKCS#7 certificate chain (.p7b)
** userPKCS12 - PKCS#12 keypair (certificate+encrypted private key)
> Add a KeyStore implementation backed by LDAP
> --------------------------------------------
>
> Key: ELY-405
> URL: https://issues.jboss.org/browse/ELY-405
> Project: WildFly Elytron
> Issue Type: Feature Request
> Components: SSL
> Reporter: Darran Lofthouse
> Assignee: Jan Kalina
> Fix For: 2.0.0.Alpha1
>
>
> It is possible for private keys, public keys and certificates to all be stored in LDAP - this task is to create a Java KeyStore implementation that can work with this.
> LDAP most likely will take a reasonable amount of configuration so it may not be possible to be purely provider based and instead this type of KeyStore may need to be manually configured and instantiated.
> Properties could be passed in using the InputStream to initialise the KeyStore but that doesn't help where we may want to pass in factories for connecting to a remote LDAP server.
> In addition to the usual keys and certificates the entry types as used for CredentialStore should also be considered.
> The implementation should also support manipulation of the entries - in this case this may mean immediate updates to the directory.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list