[jira] Commented: (GERONIMO-2015) Let's replace JKS to PKCS12 key store type
[ http://issues.apache.org/jira/browse/GERONIMO-2015?page=comments#action_12442965 ] Nikolay Chugunov commented on GERONIMO-2015: Vamsavardhana, Could you send code, you have written above > Let's replace JKS to PKCS12 key store type > -- > > Key: GERONIMO-2015 > URL: http://issues.apache.org/jira/browse/GERONIMO-2015 > Project: Geronimo > Issue Type: Improvement > Security Level: public(Regular issues) > Components: security >Reporter: Nikolay Chugunov > Fix For: 1.2 > > Attachments: jksToPKCS12-1.1.1.patch, JKSToPKCS12.java, > jksToPKCS12.patch, keystore > > > Hello > Let's replace JKS to PKCS12 key store type; because PKCS12 is widely used key > store and Geronimo may not work on non-Sun VMs. > To fix this problem I have created the patch for Geronimo sources. > In brief the patch (attached) replaces JKS to PKCS12 key store type in > configurations files. > PKCS12 format of key store file is not java-specific and can be created and > read by other programs, e.g. Internet Explorer. In addition PKCS12 exists in > Bouncy Castle (http://www.bouncycastle.org) security provider, while JKS is > Sun specific key store and does not exist in Bouncy Castle. > Also it is needed to replace JKS to PKCS12 keystore file (attached) to > assemblies/j2ee-tomcat-server/src/var/security, > assemblies/j2ee-installer/src/var/security, > assemblies/j2ee-jetty-server/src/var/security directories. Key store file was > generating using JKSToPKCS12 class (attached). This class transfers key and > certificate of Geronimo from JKS to PKCS12. > After I apply this patch to Geronimo 1.0 sources and build Geronimo I can > login to Geronimo console over https. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (GERONIMO-2015) Let's replace JKS to PKCS12 key store type
[ http://issues.apache.org/jira/browse/GERONIMO-2015?page=comments#action_12442937 ] Nikolay Chugunov commented on GERONIMO-2015: Vamsavardhana, As following from your stack trace JKSToPKCS12 class should invoke setCertificateEntry method. But it does't not exist in the class. I verify that the class works fine on 1.4. > Let's replace JKS to PKCS12 key store type > -- > > Key: GERONIMO-2015 > URL: http://issues.apache.org/jira/browse/GERONIMO-2015 > Project: Geronimo > Issue Type: Improvement > Security Level: public(Regular issues) > Components: security >Reporter: Nikolay Chugunov > Fix For: 1.2 > > Attachments: jksToPKCS12-1.1.1.patch, JKSToPKCS12.java, > jksToPKCS12.patch, keystore > > > Hello > Let's replace JKS to PKCS12 key store type; because PKCS12 is widely used key > store and Geronimo may not work on non-Sun VMs. > To fix this problem I have created the patch for Geronimo sources. > In brief the patch (attached) replaces JKS to PKCS12 key store type in > configurations files. > PKCS12 format of key store file is not java-specific and can be created and > read by other programs, e.g. Internet Explorer. In addition PKCS12 exists in > Bouncy Castle (http://www.bouncycastle.org) security provider, while JKS is > Sun specific key store and does not exist in Bouncy Castle. > Also it is needed to replace JKS to PKCS12 keystore file (attached) to > assemblies/j2ee-tomcat-server/src/var/security, > assemblies/j2ee-installer/src/var/security, > assemblies/j2ee-jetty-server/src/var/security directories. Key store file was > generating using JKSToPKCS12 class (attached). This class transfers key and > certificate of Geronimo from JKS to PKCS12. > After I apply this patch to Geronimo 1.0 sources and build Geronimo I can > login to Geronimo console over https. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (GERONIMO-2015) Let's replace JKS to PKCS12 key store type
[ http://issues.apache.org/jira/browse/GERONIMO-2015?page=comments#action_12427259 ] Nikolay Chugunov commented on GERONIMO-2015: We may stop discussing about moving this bug to 2.0, because 2.0 version does not exists in this JIRA :) > Let's replace JKS to PKCS12 key store type > -- > > Key: GERONIMO-2015 > URL: http://issues.apache.org/jira/browse/GERONIMO-2015 > Project: Geronimo > Issue Type: Improvement > Security Level: public(Regular issues) > Components: security >Reporter: Nikolay Chugunov > Fix For: 1.2 > > Attachments: JKSToPKCS12.java, jksToPKCS12.patch, keystore > > > Hello > Let's replace JKS to PKCS12 key store type; because PKCS12 is widely used key > store and Geronimo may not work on non-Sun VMs. > To fix this problem I have created the patch for Geronimo sources. > In brief the patch (attached) replaces JKS to PKCS12 key store type in > configurations files. > PKCS12 format of key store file is not java-specific and can be created and > read by other programs, e.g. Internet Explorer. In addition PKCS12 exists in > Bouncy Castle (http://www.bouncycastle.org) security provider, while JKS is > Sun specific key store and does not exist in Bouncy Castle. > Also it is needed to replace JKS to PKCS12 keystore file (attached) to > assemblies/j2ee-tomcat-server/src/var/security, > assemblies/j2ee-installer/src/var/security, > assemblies/j2ee-jetty-server/src/var/security directories. Key store file was > generating using JKSToPKCS12 class (attached). This class transfers key and > certificate of Geronimo from JKS to PKCS12. > After I apply this patch to Geronimo 1.0 sources and build Geronimo I can > login to Geronimo console over https. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (GERONIMO-2015) Let's replace JKS to PKCS12 key store type
[ http://issues.apache.org/jira/browse/GERONIMO-2015?page=comments#action_12402318 ] Nikolay Chugunov commented on GERONIMO-2015: Donald, I have found that IBM 1.4.2 JVMs support PKCS12: see end of appendex A of http://www-128.ibm.com/developerworks/java/jdk/security/142/secguides/jceDocs/api_users_guide.html#AppA > Let's replace JKS to PKCS12 key store type > -- > > Key: GERONIMO-2015 > URL: http://issues.apache.org/jira/browse/GERONIMO-2015 > Project: Geronimo > Type: Improvement > Security: public(Regular issues) > Components: security > Reporter: Nikolay Chugunov > Attachments: JKSToPKCS12.java, jksToPKCS12.patch, keystore > > Hello > Let's replace JKS to PKCS12 key store type; because PKCS12 is widely used key > store and Geronimo may not work on non-Sun VMs. > To fix this problem I have created the patch for Geronimo sources. > In brief the patch (attached) replaces JKS to PKCS12 key store type in > configurations files. > PKCS12 format of key store file is not java-specific and can be created and > read by other programs, e.g. Internet Explorer. In addition PKCS12 exists in > Bouncy Castle (http://www.bouncycastle.org) security provider, while JKS is > Sun specific key store and does not exist in Bouncy Castle. > Also it is needed to replace JKS to PKCS12 keystore file (attached) to > assemblies/j2ee-tomcat-server/src/var/security, > assemblies/j2ee-installer/src/var/security, > assemblies/j2ee-jetty-server/src/var/security directories. Key store file was > generating using JKSToPKCS12 class (attached). This class transfers key and > certificate of Geronimo from JKS to PKCS12. > After I apply this patch to Geronimo 1.0 sources and build Geronimo I can > login to Geronimo console over https. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (GERONIMO-2015) Let's replace JKS to PKCS12 key store type
[ http://issues.apache.org/jira/browse/GERONIMO-2015?page=comments#action_12383376 ] Nikolay Chugunov commented on GERONIMO-2015: PKCS12 is world standart for storing keys and I propose switch to it. PKCS12 support exists in Sun and Bouncy Castle (BC) provider. This patch can work without BC library. > Let's replace JKS to PKCS12 key store type > -- > > Key: GERONIMO-2015 > URL: http://issues.apache.org/jira/browse/GERONIMO-2015 > Project: Geronimo > Type: Improvement > Security: public(Regular issues) > Components: security > Reporter: Nikolay Chugunov > Attachments: JKSToPKCS12.java, jksToPKCS12.patch, keystore > > Hello > Let's replace JKS to PKCS12 key store type; because PKCS12 is widely used key > store and Geronimo may not work on non-Sun VMs. > To fix this problem I have created the patch for Geronimo sources. > In brief the patch (attached) replaces JKS to PKCS12 key store type in > configurations files. > PKCS12 format of key store file is not java-specific and can be created and > read by other programs, e.g. Internet Explorer. In addition PKCS12 exists in > Bouncy Castle (http://www.bouncycastle.org) security provider, while JKS is > Sun specific key store and does not exist in Bouncy Castle. > Also it is needed to replace JKS to PKCS12 keystore file (attached) to > assemblies/j2ee-tomcat-server/src/var/security, > assemblies/j2ee-installer/src/var/security, > assemblies/j2ee-jetty-server/src/var/security directories. Key store file was > generating using JKSToPKCS12 class (attached). This class transfers key and > certificate of Geronimo from JKS to PKCS12. > After I apply this patch to Geronimo 1.0 sources and build Geronimo I can > login to Geronimo console over https. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (GERONIMO-2015) Let's replace JKS to PKCS12 key store type
[ http://issues.apache.org/jira/browse/GERONIMO-2015?page=all ] Nikolay Chugunov updated GERONIMO-2015: --- Attachment: jksToPKCS12.patch > Let's replace JKS to PKCS12 key store type > -- > > Key: GERONIMO-2015 > URL: http://issues.apache.org/jira/browse/GERONIMO-2015 > Project: Geronimo > Type: Improvement > Security: public(Regular issues) > Components: security > Reporter: Nikolay Chugunov > Attachments: JKSToPKCS12.java, jksToPKCS12.patch, keystore > > Hello > Let's replace JKS to PKCS12 key store type; because PKCS12 is widely used key > store and Geronimo may not work on non-Sun VMs. > To fix this problem I have created the patch for Geronimo sources. > In brief the patch (attached) replaces JKS to PKCS12 key store type in > configurations files. > PKCS12 format of key store file is not java-specific and can be created and > read by other programs, e.g. Internet Explorer. In addition PKCS12 exists in > Bouncy Castle (http://www.bouncycastle.org) security provider, while JKS is > Sun specific key store and does not exist in Bouncy Castle. > Also it is needed to replace JKS to PKCS12 keystore file (attached) to > assemblies/j2ee-tomcat-server/src/var/security, > assemblies/j2ee-installer/src/var/security, > assemblies/j2ee-jetty-server/src/var/security directories. Key store file was > generating using JKSToPKCS12 class (attached). This class transfers key and > certificate of Geronimo from JKS to PKCS12. > After I apply this patch to Geronimo 1.0 sources and build Geronimo I can > login to Geronimo console over https. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (GERONIMO-2015) Let's replace JKS to PKCS12 key store type
[ http://issues.apache.org/jira/browse/GERONIMO-2015?page=all ] Nikolay Chugunov updated GERONIMO-2015: --- Attachment: JKSToPKCS12.java > Let's replace JKS to PKCS12 key store type > -- > > Key: GERONIMO-2015 > URL: http://issues.apache.org/jira/browse/GERONIMO-2015 > Project: Geronimo > Type: Improvement > Security: public(Regular issues) > Components: security > Reporter: Nikolay Chugunov > Attachments: JKSToPKCS12.java, keystore > > Hello > Let's replace JKS to PKCS12 key store type; because PKCS12 is widely used key > store and Geronimo may not work on non-Sun VMs. > To fix this problem I have created the patch for Geronimo sources. > In brief the patch (attached) replaces JKS to PKCS12 key store type in > configurations files. > PKCS12 format of key store file is not java-specific and can be created and > read by other programs, e.g. Internet Explorer. In addition PKCS12 exists in > Bouncy Castle (http://www.bouncycastle.org) security provider, while JKS is > Sun specific key store and does not exist in Bouncy Castle. > Also it is needed to replace JKS to PKCS12 keystore file (attached) to > assemblies/j2ee-tomcat-server/src/var/security, > assemblies/j2ee-installer/src/var/security, > assemblies/j2ee-jetty-server/src/var/security directories. Key store file was > generating using JKSToPKCS12 class (attached). This class transfers key and > certificate of Geronimo from JKS to PKCS12. > After I apply this patch to Geronimo 1.0 sources and build Geronimo I can > login to Geronimo console over https. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (GERONIMO-2015) Let's replace JKS to PKCS12 key store type
[ http://issues.apache.org/jira/browse/GERONIMO-2015?page=all ] Nikolay Chugunov updated GERONIMO-2015: --- Attachment: keystore > Let's replace JKS to PKCS12 key store type > -- > > Key: GERONIMO-2015 > URL: http://issues.apache.org/jira/browse/GERONIMO-2015 > Project: Geronimo > Type: Improvement > Security: public(Regular issues) > Components: security > Reporter: Nikolay Chugunov > Attachments: JKSToPKCS12.java, keystore > > Hello > Let's replace JKS to PKCS12 key store type; because PKCS12 is widely used key > store and Geronimo may not work on non-Sun VMs. > To fix this problem I have created the patch for Geronimo sources. > In brief the patch (attached) replaces JKS to PKCS12 key store type in > configurations files. > PKCS12 format of key store file is not java-specific and can be created and > read by other programs, e.g. Internet Explorer. In addition PKCS12 exists in > Bouncy Castle (http://www.bouncycastle.org) security provider, while JKS is > Sun specific key store and does not exist in Bouncy Castle. > Also it is needed to replace JKS to PKCS12 keystore file (attached) to > assemblies/j2ee-tomcat-server/src/var/security, > assemblies/j2ee-installer/src/var/security, > assemblies/j2ee-jetty-server/src/var/security directories. Key store file was > generating using JKSToPKCS12 class (attached). This class transfers key and > certificate of Geronimo from JKS to PKCS12. > After I apply this patch to Geronimo 1.0 sources and build Geronimo I can > login to Geronimo console over https. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Created: (GERONIMO-2015) Let's replace JKS to PKCS12 key store type
Let's replace JKS to PKCS12 key store type -- Key: GERONIMO-2015 URL: http://issues.apache.org/jira/browse/GERONIMO-2015 Project: Geronimo Type: Improvement Security: public (Regular issues) Components: security Reporter: Nikolay Chugunov Hello Let's replace JKS to PKCS12 key store type; because PKCS12 is widely used key store and Geronimo may not work on non-Sun VMs. To fix this problem I have created the patch for Geronimo sources. In brief the patch (attached) replaces JKS to PKCS12 key store type in configurations files. PKCS12 format of key store file is not java-specific and can be created and read by other programs, e.g. Internet Explorer. In addition PKCS12 exists in Bouncy Castle (http://www.bouncycastle.org) security provider, while JKS is Sun specific key store and does not exist in Bouncy Castle. Also it is needed to replace JKS to PKCS12 keystore file (attached) to assemblies/j2ee-tomcat-server/src/var/security, assemblies/j2ee-installer/src/var/security, assemblies/j2ee-jetty-server/src/var/security directories. Key store file was generating using JKSToPKCS12 class (attached). This class transfers key and certificate of Geronimo from JKS to PKCS12. After I apply this patch to Geronimo 1.0 sources and build Geronimo I can login to Geronimo console over https. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
