Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-6034

Required attributes of elytron key-store creation CLI command

    XMLWordPrintable

Details

    • Bug
    • Resolution: Won't Do
    • Critical
    • None
    • 7.1.0.DR4
    • Security, User Experience
    • None

    Description

      Minimal CLI command to create key store is

      /subsystem=elytron/key-store=server:add(type="JKS")

      But it has these problems:

      • Command let me create jks keystore without path specified. I understand this can't be validated on model level. But should be possible in subsystem, IMO :
        If key-type is file-based, e.g. JKS or PKCS12 path can't be empty.
      • Password attribute has to be required. I can't think of case when that could be ommited.
      • Attribute type could be optional. If not set default value can be Keystore.getDefaultType(). As model cant't express this, it can be documented in description.

      In result it will be possible to create key-store by this minimal CLI command:

      /subsystem=elytron/key-store=server:add(path="server.jks", password="secret")

      Attachments

        Issue Links

          is cloned by

          Bug - A problem that impairs or prevents the functions of the product. WFCORE-2402 Required attributes of elytron key-store creation add operation

          • Critical - To be worked on immediately following BLOCKER issues.
          • Resolved
          relates to

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-6748 Elytron key-store requires set credential-reference which is wrongly marked as optional.

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Verified

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-6757 Elytron key-managers requires set credential-reference which is wrongly marked as optional.

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Verified

          Activity

            People

              pskopek@redhat.com Peter Skopek
              mchoma@redhat.com Martin Choma
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: