[
https://issues.apache.org/jira/browse/SLIDER-585?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14309236#comment-14309236
]
Jonathan Maron commented on SLIDER-585:
---------------------------------------
The way I'm thinking of approaching this feature is to configure component
properties indicate the need for the generation of truststore and/or keystores,
the seeding of those in a standard location with a standard naming convention,
and allowing the AM to populate the location in the config file based on a
token (or perhaps just documenting the default location relative to
AGENT_WORK_ROOT). I believe the ability to configure on a per-component basis
and the need to reference from the application configuration should allow for
an incremental uptake approach: specify the need for generation for the
components leveraging RPC and configuring their configuration appropriately
while seeding the HTTPS supporting stores manually, with an eye towards
migrating to the slider feature in the future.
For the time being I think I'll proceed with the PKCS12 generation (given our
existing use of OpenSSL). If the requirement to generate JKS files does
materialize we can look at leveraging keytool to import the required cert into
a JKS formatted trust store.
> Localize SSL certs for apps
> ---------------------------
>
> Key: SLIDER-585
> URL: https://issues.apache.org/jira/browse/SLIDER-585
> Project: Slider
> Issue Type: Sub-task
> Components: security
> Reporter: Billie Rinaldi
> Assignee: Jonathan Maron
> Fix For: Slider 2.0.0
>
>
> See discussion on SLIDER-580.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
