smolnar82 commented on a change in pull request #60: KNOX-1418 - New KnoxShell
command to build truststore using the gateway server's public certificate
URL: https://github.com/apache/knox/pull/60#discussion_r260615297
##########
File path:
gateway-shell/src/main/java/org/apache/knox/gateway/shell/KnoxSh.java
##########
@@ -155,6 +170,81 @@ public boolean validate() {
public abstract String getUsage();
}
+ private class KnoxBuildTrustStore extends Command {
+
+ private static final String USAGE = "buildTrustStore --gateway server-url";
+ private static final String DESC = "Downloads the gateway server's public
certificate and builds a trust store.";
+ private static final String CLIENT_TRUST_STORE_FILE_NAME =
"gateway-client-trust.jks";
Review comment:
Hm...currently KnoxShell supports the following scenarios when building up
KnoxSession:
truststore related attributes are either passed as environment variables
(`KNOX_CLIENT_TRUSTSTORE_DIR`, `KNOX_CLIENT_TRUSTSTORE_FILENAME` and
`KNOX_CLIENT_TRUSTSTORE_PASS`) or KnoxShell uses default values (`$USER_HOME`,
`gateway-client-trust.jks` and `changeit`).
I can modify the new command to consider the same environment variables but
I would rather enhance it by letting end-users to pass these attributes as
optional program arguments.
If you agree I'd let this now as is and create a new JIRA to address this
area. Any objection?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
