By WFCORE-2483 there were introduced attributes keystore-password-credential-reference and key-password-credential-reference in resource client-certificate-store, which is used when syslog server requires client authentication during TLS handshake.
However this integration does not work.
Looking into SyslogAuditLogHandler.java I am missing credential reference retrieving code CredentialReference.getCredentialSourceSupplier
if (transport == Transport.TLS){ final SSLContext context = SSLContext.getInstance("TLS"); KeyManager[] keyManagers = null; if (tlsClientCertStorePath != null){ final KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); final FileInputStream in = new FileInputStream(pathManager.resolveRelativePathEntry(tlsClientCertStorePath, tlsClientCertStoreRelativeTo)); try { final KeyStore ks = KeyStore.getInstance("JKS"); ks.load(in, tlsClientCertStorePassword.toCharArray()); kmf.init(ks, tlsClientCertStoreKeyPassword != null ? tlsClientCertStoreKeyPassword.toCharArray() : tlsClientCertStorePassword.toCharArray()); keyManagers = kmf.getKeyManagers(); } finally { IoUtils.safeClose(in); } } TrustManager[] trustManagers = null; if (tlsTrustStorePath != null){ final TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); final FileInputStream in = new FileInputStream(pathManager.resolveRelativePathEntry(tlsTrustStorePath, tlsTrustStoreRelativeTo)); try { final KeyStore ks = KeyStore.getInstance("JKS"); ks.load(in, tlsTrustStorePassword.toCharArray()); tmf.init(ks); trustManagers = tmf.getTrustManagers(); } finally { IoUtils.safeClose(in); } }
- blocks
-
JBEAP-9321 There is missing CS integration with core management
- Closed
- is cloned by
-
WFCORE-2923 Credential reference integration with client-certificate-store does not work
- Resolved
-
JBEAP-11387 Verify that JBEAP-11343 fix is valid
- Closed
- is incorporated by
-
JBEAP-11137 (7.1.0) Upgrade to WildFly Core to 3.0.0.Beta26
- Closed