Uploaded image for project: 'MidPoint'
  1. MidPoint
  2. MID-6505

User-friendly truststore

    XMLWordPrintable

Details

    • Task
    • Status: Open
    • Minor
    • Resolution: Unresolved
    • None
    • backlog
    • None
    • Internal

    Description

      The problem is TLS certificate validation in the connectors. They are mostly using system-global truststore now. Midpoint has its own keystore/trustore, which means the truststore has to be set by -Djavax.net.ssl.trustStore. That is not very user-friendly, and it is a source of problems (e.g. MID-6504).

      We would like to figure a way, how to make connector use midPoint keystore. Maybe there is a need for ConnId extension that would convey the application (midPoint) setting to the connectors? Maybe there is some way how to do this directly in JCE? There seems to be no easy and straighforward way. This needs to be explored.

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              semancik Radovan Semancik
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated: