[
https://issues.apache.org/jira/browse/JAMES-3673?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Benoit Tellier closed JAMES-3673.
---------------------------------
Fix Version/s: 3.7.0
Resolution: Fixed
> Separate trust store for S3
> ---------------------------
>
> Key: JAMES-3673
> URL: https://issues.apache.org/jira/browse/JAMES-3673
> Project: James Server
> Issue Type: Improvement
> Components: Blob
> Affects Versions: master
> Reporter: Karsten Otto
> Priority: Major
> Fix For: 3.7.0
>
> Time Spent: 0.5h
> Remaining Estimate: 0h
>
> Since James supports S3 blob storage access via HTTPS, it should be possible
> to configure a specific trust store for validating the S3 server certificate.
> This lets users "pin" the server certificate, and better separate the trust
> realms of infrastructure and public services (SMTP, IMAP etc.).
> This can be achieved in blob.properties with the usual set of configuration
> options for such cases, such as:
> {code:java}
> objectstorage.s3.truststore.path=/conf/s3trust.p12
> objectstorage.s3.truststore.type=PKCS12
> objectstorage.s3.truststore.secret=yoursecret
> objectstorage.s3.truststore.algorithm=SunX509 {code}
> T-Shirt size M.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
