Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-402

A wrapper KeyStore that can filter by alias

    XMLWordPrintable

Details

    • Feature Request
    • Resolution: Done
    • Major
    • 1.1.0.Beta4
    • None
    • SSL
    • None

    Description

      A common request is that when a server is configured for SSL the alias to use from the KeyStore can be specified - this can be a little short sighted as a huge advantage of multiple entries in a single KeyStore is that different entries can be used depending on the selected cipher suite.

      A better option may be to add alias filtering so a wrapper KeyStore can still make a number of underlying entries available.

      Alias filtering is better handled at the KeyStore level as the KeyManager should be performing additional checks to ensure the keys and signatures are compatible with the current cipher suite.

      Attachments

        Issue Links

          blocks

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-2433 Unable to specify alias for PKCS11 provider

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Closed

          Activity

            People

              darran.lofthouse@redhat.com Darran Lofthouse
              darran.lofthouse@redhat.com Darran Lofthouse
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: