Critical Externalizing those parameters it doesn't works
<security-realm name="https"> <w:server-identities> <w:ssl> <w:engine enabled-protocols="TLSv1 TLSv1.1 TLSv1.2" /> <w:keystore path="${karaf.etc}/certs/server.keystore" provider="JKS" alias="server" keystore-password="${org.osgi.service.http.keystore.password}" key-password="${org.osgi.service.http.key-password}" generate-self-signed-certificate-host="localhost" /> </w:ssl> </w:server-identities> <w:authentication> <w:truststore path="${karaf.etc}/certs/server.truststore" provider="JKS" keystore-password="${org.osgi.service.http.truststore.password}" /> </w:authentication> </security-realm>
org.ops4j.pax.web.cfg :
org.osgi.service.http.truststore.password=secret org.osgi.service.http.key-password=secret org.osgi.service.http.keystore.password=secret
Some improvements should be done here:
https://github.com/ops4j/org.ops4j.pax.web/blob/master/pax-web-undertow/src/main/java/org/ops4j/pax/web/service/undertow/internal/ServerControllerImpl.java#L386-L388
- is related to
-
ENTESB-9132 Use Elytron Credential Store in custom PersistenceManager with new felix.configadmin 1.9.0
-
- Closed
-
- links to
