cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Fred Dushin <>
Subject Default keystore type
Date Thu, 05 Apr 2007 18:06:14 GMT

A few issues on HTTP/S:

First, I submitted  We  
should allow clients to run with only a truststore, as client  
authentication is not mandatory, in SSL.

Would folks be amenable to making the default keystore type in the  
HTTPs transport JKS?  This seems a bit more amenable to most Java  
users -- I was surprised to see that PKCS#12 is the default.  It also  
seems a bit counterintuitive that the default truststore type is JKS,  
whereas for "personal" keystores (i.e., keystores that ostensibly  
contain private keys), it's PKCS12.  Anyone know why?

Also, I don't see support for a truststore password -- we want this,  
I think, if it's not already there.


View raw message