Change format of sample key and truststore from JKS to PKCS12 #2733

Closed
12 tasks done
gunterze opened this issue Aug 24, 2020 · 1 comment

gunterze commented Aug 24, 2020

  • include sample keystore in PKCS12 format configuration/keystores/key.p12
  • include sample truststore in PKCS12 format configuration/keystores/cacert.p12
  • adjust keystoreURL and keystoreType in default and sample configuration
  • adjust truststoreURL and truststoreType in default and sample configuration
  • replace configuration/keystores/key.jks by configuration/keystores/key.p12 in the archive docker image and change the default values of ENV KEYSTORE and KEYSTORE_TYPE accordingly
  • replace configuration/keystores/cacerts.jks by configuration/keystores/cacerts.p12 in the archive docker image and add ENV TRUSTSTORE_TYPE
  • verify that import of PKCS12 truststore into $JAVA_HOME/lib/security/cacerts on first archive container startup works
  • replace configuration/keystores/key.jks by configuration/keystores/key.p12 in the keycloak docker image and change the default values of ENV KEYSTORE and KEYSTORE_TYPE accordingly
  • replace configuration/keystores/cacerts.jks by configuration/keystores/cacerts.p12 in the keycloak docker image and add ENV TRUSTSTORE_TYPE
  • provide update-config-5.22.5.ldif with corresponding changes for applying the configuration changes on update.
  • in slapd-dcm4chee docker image ldap/data/: replace dcmTrustStoreType value from JKS to ${env.TRUSTSTORE_TYPE} in default-config.ldif. Provide update-config-5.22.5.ldif with corresponding changes for applying the configuration changes on update.
  • replace sample keystore and truststore file references in assembly distribution

Rationale: PKCS12 is specified by RFC 7292 and supported by multiple platforms; JKS is an Oracle proprietary format only supported by Java.

Related dcm4che/dcm4che#777
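
A migration like the one in the checklist above can leave a store file whose contents do not match the configured keystoreType or truststoreType (for example a JKS file copied to a .p12 name). The following is an added example, not code from dcm4che or from this issue: it classifies a store by its leading bytes and compares that with the declared type. The function names and the sample byte strings are assumptions made for illustration.

```python
import struct

JKS_MAGIC = 0xFEEDFEED    # header magic of Java's JKS format
JCEKS_MAGIC = 0xCECECECE  # header magic of the JCEKS variant


def _der_header(buf, pos):
    """Return (tag, offset of the value) for the DER TLV at pos; the length is skipped."""
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first & 0x80:              # long form: low 7 bits give the number of length octets
        pos += first & 0x7F
    return tag, pos


def sniff_store_type(data: bytes) -> str:
    """Classify a key/truststore by its leading bytes: JKS, JCEKS, PKCS12 or UNKNOWN."""
    if len(data) >= 4:
        magic = struct.unpack(">I", data[:4])[0]
        if magic == JKS_MAGIC:
            return "JKS"
        if magic == JCEKS_MAGIC:
            return "JCEKS"
    try:
        # RFC 7292: PFX ::= SEQUENCE { version INTEGER {v3(3)}, authSafe, macData OPTIONAL }
        tag, pos = _der_header(data, 0)
        if tag == 0x30 and data[pos:pos + 3] == b"\x02\x01\x03":
            return "PKCS12"
    except IndexError:
        pass                      # too short to hold a DER header
    return "UNKNOWN"


def check_declared_type(declared: str, data: bytes) -> bool:
    """True when the configured store type matches what the file actually contains."""
    return declared.upper() == sniff_store_type(data)


# Constructed sample headers (not real keystores): only the leading bytes matter here.
SAMPLE_JKS = struct.pack(">III", JKS_MAGIC, 2, 0)           # magic, version 2, 0 entries
SAMPLE_P12 = bytes.fromhex("30820a10020103") + b"\x30\x82"  # SEQUENCE, INTEGER 3, ...

if __name__ == "__main__":
    for declared, blob in (("PKCS12", SAMPLE_P12), ("PKCS12", SAMPLE_JKS)):
        verdict = "ok" if check_declared_type(declared, blob) else "MISMATCH"
        print(f"declared={declared} actual={sniff_store_type(blob)} -> {verdict}")
```

On real files, pass the bytes read from the store (for example `open(path, "rb").read(16)`); the check only inspects the header and does not validate the store's integrity MAC or password.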

@gunterze gunterze added the enhancement New feature or request label Aug 24, 2020
@gunterze gunterze added this to the 5.22.5 milestone Aug 24, 2020
vrindanayak added a commit to dcm4che-dockerfiles/dcm4chee-arc-psql that referenced this issue Aug 24, 2020
vrindanayak added a commit to dcm4che-dockerfiles/keycloak that referenced this issue Aug 24, 2020
@gunterze gunterze changed the title Provide sample key/certficate as PKCS12 keystore Change format of sample key and truststore from JKS to PKCS12 Aug 25, 2020
@gunterze

also change (default) format for truststore from JKS to PKCS12

@gunterze gunterze reopened this Aug 25, 2020
vrindanayak added a commit to dcm4che-dockerfiles/slapd-dcm4chee that referenced this issue Aug 25, 2020
vrindanayak added a commit to dcm4che-dockerfiles/keycloak that referenced this issue Aug 25, 2020
vrindanayak added a commit to dcm4che-dockerfiles/dcm4chee-arc-psql that referenced this issue Aug 25, 2020