[jboss-jira] [JBoss JIRA] (WFCORE-2671) CLI Opertation 'load' for Elytron key-store does not correctly re-read keystore
Jan Kalina (JIRA)
issues at jboss.org
Tue Apr 25 09:45:00 EDT 2017
[ https://issues.jboss.org/browse/WFCORE-2671?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13397743#comment-13397743 ]
Jan Kalina commented on WFCORE-2671:
------------------------------------
Resolved by adding refresh operations into key-managers and ssl-context:
{code}
/subsystem=elytron/key-store=httpsKS:load()
/subsystem=elytron/key-managers=httpsKM:init()
/subsystem=elytron/server-ssl-context=httpsSSC:key-refresh()
{code}
> CLI Opertation 'load' for Elytron key-store does not correctly re-read keystore
> -------------------------------------------------------------------------------
>
> Key: WFCORE-2671
> URL: https://issues.jboss.org/browse/WFCORE-2671
> Project: WildFly Core
> Issue Type: Bug
> Components: Security
> Reporter: Ondrej Lukas
> Assignee: Jan Kalina
> Priority: Blocker
>
> When keystore (or cerficate in keystore) is changed during server runtime then CLI opertation {{load}} can be used for {{/subsystem=elytron/key-store=...}} to re-reading this keystore in server. However after calling this operation server still works with original keystore/certificate. Then CLI reads current keystore correctly, but in case when ssl-context which uses that key-store is used then original keystore is still used by server. Reload of server is required to correctly re-read the new keystore. See Steps to Reproduce for more details.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list