geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Vamsavardhana Reddy (JIRA)" <...@geronimo.apache.org>
Subject [jira] Commented: (GERONIMO-2218) KeyStore portlet: Functionality missing from 1.0
Date Tue, 01 Aug 2006 09:37:14 GMT
    [ http://issues.apache.org/jira/browse/GERONIMO-2218?page=comments#action_12424805 ] 
            
Vamsavardhana Reddy commented on GERONIMO-2218:
-----------------------------------------------

CONCERN:
1) It seems like jetty has some problems if there is more than one unlocked key in the same
keystore. I'm not sure what these are exactly, but I couldn't get jetty to start once I had
more than one key unlocked. I think this is the largest issue.

REPLY:
The issue is not because multiple keys are unlocked, but because of the keyPassword.  As long
as the keyPassword is "secret" (which is hardcoded somewhere) there is no problem with how
many keys are in unlocked state.  This calls for adding an "alias" parameter in JettySSLConnector.
 Without this, all the keys need to be in unlocked state since there is no control on which
one the connector will pickup.

> KeyStore portlet:  Functionality missing from 1.0
> -------------------------------------------------
>
>                 Key: GERONIMO-2218
>                 URL: http://issues.apache.org/jira/browse/GERONIMO-2218
>             Project: Geronimo
>          Issue Type: Bug
>      Security Level: public(Regular issues) 
>          Components: console
>    Affects Versions: 1.1, 1.1.1
>         Environment: Win XP, Sun JDK1.4.2_08
>            Reporter: Vamsavardhana Reddy
>         Assigned To: Joe Bohn
>            Priority: Critical
>             Fix For: 1.1.1
>
>         Attachments: delete-fix.patch, GERONIMO-2218-with-unlockkey-new.patch, GERONIMO-2218-with-unlockkey.patch,
GERONIMO-2218.patch
>
>
> Functionality missing from AG1.0 includes
> 1.  Ability to view Trusted Certificate and Private Key Entry details
> 2.  Ability to generate CertificateRequests
> 3.  Ability to import CA reply
> The 2nd and 3rd functions from above are most important and without these the portlet
is of very less (or no) use in any practical scenario.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message