Uploaded image for project: 'OpenDJ'
  1. OpenDJ
  2. OPENDJ-7510

Improve error reporting when trying to use mutual TLS with the proxy

    Details

    • Type: Improvement
    • Status: Dev backlog
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 7.0.0
    • Fix Version/s: None
    • Component/s: ease of use, proxy
    • Labels:
      None

      Description

      A user reported his experience trying to use the proxy with mutual TLS (mTLS).

      The user configured 2 backend servers (DS) with the proxy in front.
      The 2 backend servers were configured with a certificate signed by a root CA
      The result was initially an obscure error about certificate path. After correcting this error y importing the missing certificates into the proxy, a new error appeared about the use of a bad algorithm.
      The frustrated finally user silenced these errors by configuring service discovery to use the trust all trust manager.

      Acceptance criteria

      This issue can be closed once:

      • We have tried the users' setup instructions and reproduced the same problem that he found
      • We improve the reported error messages for ease of use
      • We review and improve the setup profiles proxy-server and proxied-server if need be

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                JnRouvignac Jean-Noël Rouvignac
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated: