[ https://issues.apache.org/jira/browse/SOLR-14141?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17004595#comment-17004595 ]
Kevin Risden commented on SOLR-14141: ------------------------------------- {quote}you can specify jks and it will read pkcs12 just fine. since its essentially a noop, i think we should not clutter the docs with this?{quote} Ah guess I missed that part. That must be what you meant with "keystore.type.compat=true". I always assumed the storetype needed to be specified. Looks like this is in JDK 8 build 60 or higher based on https://bugs.openjdk.java.net/browse/JDK-8062552 +1 to keep it as is then. > eliminate JKS keystore from solr SSL docs > ----------------------------------------- > > Key: SOLR-14141 > URL: https://issues.apache.org/jira/browse/SOLR-14141 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Reporter: Robert Muir > Priority: Major > Attachments: SOLR-14141.patch, SOLR-14141.patch > > > On the "Enabling SSL" page: > https://lucene.apache.org/solr/guide/8_3/enabling-ssl.html#enabling-ssl > The first step is currently to create a JKS keystore. The next step > immediately converts the JKS keystore into PKCS12, so that openssl can then > be used to extract key material in PEM format for use with curl. > Now that PKCS12 is java's default keystore format, why not omit step 1 > entirely? What am I missing? PKCS12 is a more commonly > understood/standardized format. -- This message was sent by Atlassian Jira (v8.3.4#803005) --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@lucene.apache.org For additional commands, e-mail: issues-h...@lucene.apache.org