Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Automatically add generated self-signed certificates to Java trust store #2284

Closed
joschi opened this issue May 25, 2016 · 1 comment
Closed

Automatically add generated self-signed certificates to Java trust store #2284

joschi opened this issue May 25, 2016 · 1 comment
Labels
bug P4 papercut S4 security triaged
Milestone
2.0.3

Comments

@joschi
Copy link
Contributor

joschi commented May 25, 2016
edited
Loading

If people are using the automatically generated X.509 certificates for the Graylog REST API, proxy calls to Graylog with OkHttp will fail because those certificates are untrusted. If we added the generated certificate to the Java trust store, at least "local" calls would succeed.

Similar problem: http://docs.graylog.org/en/2.0/pages/faq.html#i-have-configured-an-smtp-server-or-an-output-with-tls-connection-and-receive-handshake-errors-what-should-i-do

https://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/JSSERefGuide.html#CustomizingStores
@kroepke kroepke added this to the 2.0.3 milestone May 30, 2016
@kroepke kroepke added the bug label May 30, 2016
@joschi joschi mentioned this issue Jun 9, 2016
Closed
@joschi
Copy link
Contributor Author

joschi commented Jun 20, 2016

The feature is broken beyond repair and should be removed instead: #2355

@joschi joschi closed this as completed Jun 20, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug P4 papercut S4 security triaged
Projects
None yet
Milestone
2.0.3
Development

No branches or pull requests
2 participants
@joschi @kroepke