Bug
Resolution: Done
Blocker
WFCORE-2483 introduced the attributes keystore-password-credential-reference and key-password-credential-reference in the client-certificate-store resource, which is used when the syslog server requires client authentication during the TLS handshake.
However, this integration does not work.
Looking into SyslogAuditLogHandler.java, I am missing the credential reference retrieval code, CredentialReference.getCredentialSourceSupplier:
    if (transport == Transport.TLS){
        final SSLContext context = SSLContext.getInstance("TLS");
        KeyManager[] keyManagers = null;
        if (tlsClientCertStorePath != null){
            final KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            final FileInputStream in = new FileInputStream(pathManager.resolveRelativePathEntry(tlsClientCertStorePath, tlsClientCertStoreRelativeTo));
            try {
                final KeyStore ks = KeyStore.getInstance("JKS");
                // Store and key passwords come only from the plain string fields;
                // no credential reference is consulted here.
                ks.load(in, tlsClientCertStorePassword.toCharArray());
                kmf.init(ks, tlsClientCertStoreKeyPassword != null ? tlsClientCertStoreKeyPassword.toCharArray() : tlsClientCertStorePassword.toCharArray());
                keyManagers = kmf.getKeyManagers();
            } finally {
                IoUtils.safeClose(in);
            }
        }
        TrustManager[] trustManagers = null;
        if (tlsTrustStorePath != null){
            final TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            final FileInputStream in = new FileInputStream(pathManager.resolveRelativePathEntry(tlsTrustStorePath, tlsTrustStoreRelativeTo));
            try {
                final KeyStore ks = KeyStore.getInstance("JKS");
                ks.load(in, tlsTrustStorePassword.toCharArray());
                tmf.init(ks);
                trustManagers = tmf.getTrustManagers();
            } finally {
                IoUtils.safeClose(in);
            }
        }
        // The excerpt quoted in the report ends here; the rest of the TLS setup is not shown.
    }
Tes (Ignored) https://github.com/wildfly/wildfly-core/pull/2513
- blocks: JBEAP-9321 There is missing CS integration with core management (Closed)
- clones: JBEAP-11363 Credential reference integration with client-certificate-store does not work (Closed)
- is related to: WFCORE-2978 Verify that WFCORE-2923 fix is valid (Resolved)