[ http://issues.apache.org/jira/browse/GERONIMO-2015?page=all ]
Donald Woods updated GERONIMO-2015:
-----------------------------------
Fix Version: 1.2
OK, setting the Fix version to 1.2 so it will be considered....
> Let's replace JKS to PKCS12 key store type
> ------------------------------------------
>
> Key: GERONIMO-2015
> URL: http://issues.apache.org/jira/browse/GERONIMO-2015
> Project: Geronimo
> Type: Improvement
> Security: public(Regular issues)
> Components: security
> Reporter: Nikolay Chugunov
> Fix For: 1.2
> Attachments: JKSToPKCS12.java, jksToPKCS12.patch, keystore
>
> Hello
> Let's replace JKS to PKCS12 key store type; because PKCS12 is widely used key
> store and Geronimo may not work on non-Sun VMs.
> To fix this problem I have created the patch for Geronimo sources.
> In brief the patch (attached) replaces JKS to PKCS12 key store type in
> configurations files.
> PKCS12 format of key store file is not java-specific and can be created and
> read by other programs, e.g. Internet Explorer. In addition PKCS12 exists in
> Bouncy Castle (http://www.bouncycastle.org) security provider, while JKS is
> Sun specific key store and does not exist in Bouncy Castle.
> Also it is needed to replace JKS to PKCS12 keystore file (attached) to
> assemblies/j2ee-tomcat-server/src/var/security,
> assemblies/j2ee-installer/src/var/security,
> assemblies/j2ee-jetty-server/src/var/security directories. Key store file was
> generating using JKSToPKCS12 class (attached). This class transfers key and
> certificate of Geronimo from JKS to PKCS12.
> After I apply this patch to Geronimo 1.0 sources and build Geronimo I can
> login to Geronimo console over https.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
