[jboss-jira] [JBoss JIRA] (WFCORE-944) truststore path is ignored if provider is not JKS

[Jeff Mesnil (Jira)]

     [ https://issues.redhat.com/browse/WFCORE-944?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jeff Mesnil updated WFCORE-944:
-------------------------------
    Fix Version/s: 11.0.0.Beta8
                       (was: 11.0.0.Beta7)


> truststore path is ignored if provider is not JKS
> -------------------------------------------------
>
>                 Key: WFCORE-944
>                 URL: https://issues.redhat.com/browse/WFCORE-944
>             Project: WildFly Core
>          Issue Type: Bug
>          Components: Security
>            Reporter: Arto Huusko
>            Priority: Major
>             Fix For: 11.0.0.Beta8
>
>
> truststore configuration ignores the path and relative-to parameters if the truststore provider is anything else than JKS.
> This works as documented, but it is not correct. There can be and are truststore implementations that need to load parameters or whatever data from a file, and the current implementation prevents these truststore providers from working.
> We have a custom truststore that is loaded from database, and database access parameters are read from a properties file. When trying to use this with Wildfly 9, the keystore engineLoad parameter is passed in as null, even though path and relative-to are configured.
> Even standard java supports PKCS12 truststores, where the same problem would occur.
> So I would suggest that
>  - if provider is JKS, path is mandatory
>  - if provider is not JKS, but path is specified, it is passed to the provider



--
This message was sent by Atlassian Jira
(v7.13.8#713008)