We can perhaps consider taking a provider approach and have cert generation be able to done with both providers (Sun & BouncyCastle) and any other impls in future?
On Mon, Sep 15, 2014 at 2:06 PM, larry mccay <larry.mc...@gmail.com> wrote: > All - > > Pascal Oliva has filed KNOX-242 and provided a patch contribution for > replacing the use of the sun/oracle proprietary classes with the use of the > Bouncy Castle library. > > With reported plans from oracle to limit or block access to the old sun > classes it seems that we need to make a move here anyway. > > Pascal's motivation appears to be that these classes also do not exist in > the IBM JVM environment and therefore Knox does not build or run. > > I have applied his patch and have tested the server and CLI create-cert > behavior and it seems to work compatibly. > > I intend to commit this work later tonight unless someone can articulate a > compelling reason not to. > > thanks, > > --larry >