[ https://issues.apache.org/jira/browse/SLIDER-802?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14343276#comment-14343276 ]
Jonathan Maron commented on SLIDER-802: --------------------------------------- Actually, I suppose may clients will end up leveraging standard JSSE properties, so the password will have to be explicitly specified as the value of a property. It may simply be best to allow the client to specify the store password during the certificate store request. > Need mechanism for client truststore and keystore retrieval > ----------------------------------------------------------- > > Key: SLIDER-802 > URL: https://issues.apache.org/jira/browse/SLIDER-802 > Project: Slider > Issue Type: Bug > Components: client, security > Reporter: Jonathan Maron > Assignee: Jonathan Maron > > For applications that take advantage of the certificate store generation > feature, there may be a need for the client's to obtain truststores and, > optionally, keystores to successfully communicate via SSL to the server-side > application components. > One possible approach is a CLI option: > slider ssl-support --keystore <path for generated file> --subj <DN for client> > Some key points: > 1) Could use the localhost from where the client is invoked to create the > subject DN (CN=<localhost name>) if no subject is specified > 2) For clients to access these stores they will need access to store > passwords. I believe it's be most appropriate to leverage the Credential > Provider facility. -- This message was sent by Atlassian JIRA (v6.3.4#6332)