Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-6034

Required attributes of elytron key-store creation CLI command

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Won't Do
    • Icon: Critical Critical
    • None
    • 7.1.0.DR4
    • Security, User Experience
    • None

      Minimal CLI command to create key store is

      /subsystem=elytron/key-store=server:add(type="JKS")

      But it has these problems:

      • Command let me create jks keystore without path specified. I understand this can't be validated on model level. But should be possible in subsystem, IMO :
        If key-type is file-based, e.g. JKS or PKCS12 path can't be empty.
      • Password attribute has to be required. I can't think of case when that could be ommited.
      • Attribute type could be optional. If not set default value can be Keystore.getDefaultType(). As model cant't express this, it can be documented in description.

      In result it will be possible to create key-store by this minimal CLI command:

      /subsystem=elytron/key-store=server:add(path="server.jks", password="secret")

              pskopek@redhat.com Peter Skopek
              mchoma@redhat.com Martin Choma
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: