Details
-
Feature
-
Status: Released (View Workflow)
-
Minor
-
Resolution: Fixed
-
2.5.8, 2.6.4
-
None
Description
Current Situation
Case 1: Setting truststore_path in joc.properties is empty
- truststore_path from ldap identity service is used
- truststore_password from ldap identity service is used
- truststore type from ldap identity service is used
- If truststore_path is empty system property javax.net.ssl.trustStore is used
- If truststore_password is empty system property javax.net.ssl.trustStorePassword is used
- If truststore_type is empty system property javax.net.ssl.trustStoreTypeis used
If truststore_type is null "PKCS12" is used
The truststore_path is absolut or relative to JETTY_BASE/resources/joc
Case 2: Setting truststore_path in joc.properties is NOT empty
- truststore_path from joc.properties is used
- truststore_password from joc.properties is used
- truststore type from joc.properties is used
- If truststore_path is empty system property javax.net.ssl.trustStore is used
- If truststore_password is empty system property javax.net.ssl.trustStorePassword is used
- If truststore_type is empty system property javax.net.ssl.trustStoreTypeis used
If truststore_type is null "PKCS12" is used
The truststore_path is absolut or relative to JETTY_BASE/resources/joc
Desired Behavior
The settings in the ldap identity service take precedence over the settings in joc.properties
- truststore_path from ldap identity service is used
- truststore_password from ldap identity service is used
- truststore type from ldap identity service is used
- If truststore_path is empty truststore_path from joc.properties is used
- If truststore_password is empty truststore_password from joc.properties is used
- If truststore_type is empty truststore type from joc.properties is used
- If truststore_path is empty system property javax.net.ssl.trustStore is used
- If truststore_password is empty system property javax.net.ssl.trustStorePassword is used
- If truststore_type is empty system property javax.net.ssl.trustStoreTypeis used
If truststore_type is null "PKCS12" is used
The truststore_path is absolut or relative to JETTY_BASE/resources/joc
Compatibility
- When the truststore_path was stored in joc.properties and not in the identity service --> Compatible
- When the truststore_path was stored in the identity service and not in joc.properties --> Compatible
- When the truststore_path was stored in the identity service and in joc.properties
- * --> Compatible if it is the same value.
- --> NOT compatible if these are different values.
- Possible action: Change or remove the setting according with the truststore in the identity service.
- --> NOT compatible if these are different values.