[jboss-jira] [JBoss JIRA] (WFLY-7091) Not able to configure list of key/trust managers on elytron ssl context.

Jan Kalina (JIRA) issues at jboss.org
Wed May 17 08:20:00 EDT 2017 

    [ https://issues.jboss.org/browse/WFLY-7091?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13407706#comment-13407706 ] 

Jan Kalina commented on WFLY-7091:
----------------------------------

The plural in "key-managers" refer to fact that array of KeyManagers is output of KeyManager factory - it does not mean it is possible to use more factories for one SSLContext.

> Not able to configure list of key/trust managers on elytron ssl context.
> ------------------------------------------------------------------------
>
>                 Key: WFLY-7091
>                 URL: https://issues.jboss.org/browse/WFLY-7091
>             Project: WildFly
>          Issue Type: Bug
>          Components: Security
>    Affects Versions: 11.0.0.Alpha1
>            Reporter: Martin Choma
>            Assignee: Darran Lofthouse
>             Fix For: 11.0.0.Alpha1
>
>
> Base on xsd/model documentation key-managers and trust-managers attributes seems to be meant to hold list of managers. That also comply to SSLContext init() method [1]. Hovewer, in elytron subsystem, they are of type string and any my tries to set list (space/comma delimited list) failed. 
> XSD documentation
> * key-managers - Reference to the KeyManagers to be used by this SSLContext.
> * trust-managers  - Reference to the TrustManagers to be used by this SSLContext.
> Model description:
> {noformat}
> "key-managers" => {
>     "type" => STRING,
>     "description" => "Reference to the key managers to use within the SSLContext.",
>     "expressions-allowed" => false,
>     "nillable" => true,
>     "capability-reference" => "org.wildfly.security.key-managers",
>     "min-length" => 1L,
>     "max-length" => 2147483647L,
>     "access-type" => "read-write",
>     "storage" => "configuration",
>     "restart-required" => "resource-services"
> },
> "trust-managers" => {
>     "type" => STRING,
>     "description" => "Reference to the trust managers to use within the SSLContext.",
>     "expressions-allowed" => false,
>     "nillable" => true,
>     "capability-reference" => "org.wildfly.security.trust-managers",
>     "min-length" => 1L,
>     "max-length" => 2147483647L,
>     "access-type" => "read-write",
>     "storage" => "configuration",
>     "restart-required" => "resource-services"
> },
> {noformat}
> [1] https://docs.oracle.com/javase/8/docs/api/javax/net/ssl/SSLContext.html#init-javax.net.ssl.KeyManager:A-javax.net.ssl.TrustManager:A-java.security.SecureRandom-



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

More information about the jboss-jira mailing list