Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

KeyStore generation from certificate and private key #215

Open
Sebruck opened this issue Oct 22, 2019 · 5 comments
Open

KeyStore generation from certificate and private key #215

Sebruck opened this issue Oct 22, 2019 · 5 comments

Comments

@Sebruck
Copy link

Sebruck commented Oct 22, 2019

Hi

as far as I have seen it is currently only possible to provide a keystore to ssl-config.

It would be great to be able to provide paths to a certificate and private key and ssl-config generates the keystore for me. So far we do this in our code:

      val ks = KeyStore.getInstance("PKCS12")
      ks.load(null, null)
      ks.setKeyEntry("1", privateKey, password, Seq(certificate).toArray)

what do you think?

@Sebruck Sebruck changed the title Enable KeyStore generation from certificate and private key KeyStore generation from certificate and private key Oct 22, 2019
@Sebruck
Copy link
Author

Sebruck commented Oct 22, 2019

Possible duplicate of #151

we run on kubernetes but get only priv key + certificate in our pods

@wsargent
Copy link
Contributor

SSL config only does configuration. You can use https://github.com/tersesystems/securitybuilder to generate the keystore.

@Sebruck
Copy link
Author

Sebruck commented Oct 30, 2019

@wsargent the idea is to not do it programmatically but just via configuration and this library takes care.

@wsargent
Copy link
Contributor

wsargent commented Nov 6, 2019

@Sebruck Certificate and keystore generation is not a part of JSSE or TLS. That would still be a distinct project working with CertPath and JCA APIs.

@wsargent
Copy link
Contributor

wsargent commented Nov 6, 2019

In the past I've used CFSSL and sample-cfssl-ca to do this -- see https://tersesystems.com/blog/2018/07/28/building-java-keystores/ for more details.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants