Uploaded image for project: 'OpenDJ'
  1. OpenDJ
  2. OPENDJ-2923

SSLContextBuilder should use the JVM's KeyManager by default

    Details

    • Type: Improvement
    • Status: Done
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.0.0
    • Fix Version/s: 4.0.0, 3.5.0
    • Component/s: core apis
    • Labels:
    • Support Ticket IDs:

      Description

      When using SSLContextBuilder in the DJ SDK unfortunately when the KeyManager was not explicitly set, it will default to null. This means that trying to perform client certificate authentication with an OOTB SDK can become quite complicated (having to manually create a KeyManager can require several settings from the client application).

      It would be best if the SDK could fall back to the JVM's keystore setting (denoted by the -Djavax.net.ssl.keyStore* JVM properties) by default, and this would be also in-line with the JDK's OOTB HttpsURLConnection.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                peter.major Peter Major [X] (Inactive)
                Reporter:
                peter.major Peter Major [X] (Inactive)
                Dev Assignee:
                Peter Major [X] (Inactive)
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: