Uploaded image for project: 'OpenDJ'
  1. OpenDJ
  2. OPENDJ-2923

SSLContextBuilder should use the JVM's KeyManager by default

    Details

    • Type: Improvement
    • Status: Done
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.0.0
    • Fix Version/s: 4.0.0, 3.5.0
    • Component/s: core apis
    • Labels:
    • Support Ticket IDs:

      Description

      When using SSLContextBuilder in the DJ SDK unfortunately when the KeyManager was not explicitly set, it will default to null. This means that trying to perform client certificate authentication with an OOTB SDK can become quite complicated (having to manually create a KeyManager can require several settings from the client application).

      It would be best if the SDK could fall back to the JVM's keystore setting (denoted by the -Djavax.net.ssl.keyStore* JVM properties) by default, and this would be also in-line with the JDK's OOTB HttpsURLConnection.

        Attachments

          Issue Links

          is required by

          Task - A task that needs to be done. OPENDJ-2996 Update docs regarding fallback to JVM's KeyManager by default

          • Major - Major loss of function.
          • Done

            Activity

              People

              • Assignee:
                peter.major Peter Major [X] (Inactive)
                Reporter:
                peter.major Peter Major [X] (Inactive)
                Dev Assignee:
                Peter Major [X] (Inactive)
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: