smolnar82 commented on a change in pull request #60: KNOX-1418 - New KnoxShell command to build truststore using the gateway server's public certificate URL: https://github.com/apache/knox/pull/60#discussion_r260615297
########## File path: gateway-shell/src/main/java/org/apache/knox/gateway/shell/KnoxSh.java ########## @@ -155,6 +170,81 @@ public boolean validate() { public abstract String getUsage(); } + private class KnoxBuildTrustStore extends Command { + + private static final String USAGE = "buildTrustStore --gateway server-url"; + private static final String DESC = "Downloads the gateway server's public certificate and builds a trust store."; + private static final String CLIENT_TRUST_STORE_FILE_NAME = "gateway-client-trust.jks"; Review comment: Hm...currently KnoxShell supports the following scenarios when building up KnoxSession: truststore related attributes are either passed as environment variables (`KNOX_CLIENT_TRUSTSTORE_DIR`, `KNOX_CLIENT_TRUSTSTORE_FILENAME` and `KNOX_CLIENT_TRUSTSTORE_PASS`) or KnoxShell uses default values (`$USER_HOME`, `gateway-client-trust.jks` and `changeit`). I can modify the new command to consider the same environment variables but I would rather enhance it by letting end-users to pass these attributes as optional program arguments. If you agree I'd let this now as is and create a new JIRA to address this area. Any objection? ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services