[ https://issues.apache.org/jira/browse/GERONIMO-3757?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Vamsavardhana Reddy updated GERONIMO-3757: ------------------------------------------ Attachment: GERONIMO-3757.patch GERONIMO-3757.patch: Created against branches\2.0. o Provides a keystoreType attribute o Keystores portlet updated to support all possible keystoreTypes. This patch may not necessarily be merged into branches\2.0. Please try the patch and comment. > KeyStore type can't be changed > ------------------------------ > > Key: GERONIMO-3757 > URL: https://issues.apache.org/jira/browse/GERONIMO-3757 > Project: Geronimo > Issue Type: Bug > Security Level: public(Regular issues) > Components: security > Affects Versions: 2.0.2, 2.0.x, 2.1 > Reporter: Vasily Zakharov > Attachments: GERONIMO-3757.patch > > > For now (r612905), Geronimo is hardcoded to use JKS keystore type, which > prevents Geronimo from running on Harmony or other JDKs that have no JKS > implementation: > org.apache.geronimo.security.keystore.FileKeystoreInstance, line 635: > KeyStore tempKeystore = KeyStore.getInstance(JKS); > org.apache.geronimo.security.keystore.FileKeystoreManager, line 364: > KeyStore keystore = > KeyStore.getInstance(FileKeystoreInstance.JKS); > To workaround this issue, one can change JKS to KeyStore.getDefaultType() > (this returns "BKS" for Harmony) or particular other keystore type, but this > requires source recompilation. Replacing > var/security/keystores/geronimo-default with the proper keystore type file is > not a problem. > A proper solution seems to apply the fix above to use the JDK-default > keystore type, and provide FileKeystoreInstance with an additional > configuration option, keystoreType, that would allow to change the keystore > type through config.xml without recompilation, like this: > <module name="org.apache.geronimo.configs/server-security-config/2.0.2/car"> > <gbean name="geronimo-default"> > <attribute name="keystoreType">PKCS12</attribute> > <attribute > name="keystorePath">var/security/keystores/geronimo-pkcs12</attribute> > </gbean> > </module> > This issue if a follow up to GERONIMO-2015. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.