geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Vamsavardhana Reddy" <c1vams...@gmail.com>
Subject Re: How to stop loading of default certificate
Date Tue, 06 May 2008 17:09:02 GMT
Hi Jarek,

The reason I introduced this certKeystoreTypes member is that I wanted to
update (but have not done so!!) the keystores portlet to display whether a
keystore can be used to store trusted certificate entries.  The problem
seems to be that in Windows environment there are two special keystore types
"Windows-MY" and "Windows-ROOT" which correspond to the windows private
keystore and windows root certificate keystores.  We should be skipping
these two keystore types as they don't exactly fit in with the other
keystore types in terms of creating new key stores etc.

++Vamsi

On Tue, May 6, 2008 at 1:10 AM, Jarek Gawor <jgawor@gmail.com> wrote:

> Well, the problem is that the org.apache.geronimo.crypto.KeystoreUtil
> (in static block) goes through all the KeyStore providers and tests if
> they support storing a certificate. That test causes that window to be
> displayed on Windows with Java 1.6. The KeystoreUtil keeps a list of
> the providers which supporting storing a certificate in a public
> certKeystoreTypes variable. However, I cannot find a single reference
> to that variable in the entire Geronimo code.
>
> If there are no external references to that certKeystoreTypes variable
> maybe we should just remove that piece of code altogether (that
> particular test and the variable). If there are external references we
> can either make it empty or set it to a list that contains all
> KeyStore providers (since there is no easy way to figure out if the
> KeyStore supports certificates or not and without causing other side
> effects like on Windows, AFAIK).
>
> Thoughts?
>
> Jarek
>
> On Mon, May 5, 2008 at 2:29 PM, Kevan Miller <kevan.miller@gmail.com>
> wrote:
> > Seems like it's time to get this fixed :-)
> >
> >  --kevan
> >
> >
> >
> >  On May 5, 2008, at 8:25 AM, "Jarek Gawor" <jgawor@gmail.com> wrote:
> >
> >
> > > Try with jetty assembly:
> > https://issues.apache.org/jira/browse/GERONIMO-3864
> > >
> > > :)
> > >
> > > Jarek
> > >
> > > On Mon, May 5, 2008 at 9:18 AM, Ashwill, Steve (Facilities & Services)
> > > <sashwill@uiuc.edu> wrote:
> > >
> > > > I haven't found it in the documentation, perhaps I'm just not
> looking
> > > > in the right place.
> > > >
> > > > The message says:
> > > > You are about to install a certificate from a certification
> authority
> > > > (CA) claiming to represent:
> > > >
> > > > ME
> > > >
> > > > {text omitted}
> > > >
> > > >
> > > > Do you want to install this certificate?
> > > >
> > > > Yes No
> > > >
> > > >
> > > > I do not believe that anything has been modified concerning the
> > > > keystores.  This started as soon as I upgraded to "2.1" I start it
> as a
> > > > service, but the same thing happens if I run from the command line
> as
> > > > well with startup.bat.
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > Steven Ashwill
> > > > Application Developer
> > > > University of Illinois
> > > > 1609 S. Oak St.   M/C 662
> > > > Champaign, IL 61821
> > > > (217) 265-6337
> > > >
> > > >
> > > >
> > > > -----Original Message-----
> > > > From: David Jencks [mailto:david_jencks@yahoo.com]
> > > > Sent: Friday, May 02, 2008 12:44 PM
> > > > To: user@geronimo.apache.org
> > > > Subject: Re: How to stop loading of default certificate
> > > >
> > > > I've never seen  this happen.  Have you modified the geronimo
> keystore/
> > > > truststore setup?  How are you restarting geronimo?  What does the
> popup
> > > > look like?  Is there a stack trace?
> > > >
> > > > This seems like something we should cover in the documentation...
> > > >
> > > > thanks
> > > > david jencks
> > > >
> > > > On May 2, 2008, at 9:10 AM, Ashwill, Steve (Facilities & Services)
> > > > wrote:
> > > >
> > > >
> > > > > Can someone save me some research time and tell me how to stop
> > > > > Geronimo from trying to load the default certificate. The pop up
> boxes
> > > > >
> > > >
> > > >
> > > > > asking if I want to load it are causing a problem if I am doing a
> > > > > remote restart because they appear on the console not on the
> remote
> > > > > desktop connection.
> > > > >
> > > > > Thanks,
> > > > > Steven Ashwill
> > > > >
> > > > >
> > > > > Sorry for the duplicate message, but I though I'd better get the
> right
> > > > >
> > > >
> > > >
> > > > > subject line. Haste does indeed make waste.
> > > > >
> > > >
> > > >
> > > >
> > >
> >
>

Mime
View raw message