KeyStore generation from certificate and private key

[Sebruck]

Hi

as far as I have seen it is currently only possible to provide a keystore to ssl-config.

It would be great to be able to provide paths to a certificate and private key and ssl-config generates the keystore for me. So far we do this in our code:

      val ks = KeyStore.getInstance("PKCS12")
      ks.load(null, null)
      ks.setKeyEntry("1", privateKey, password, Seq(certificate).toArray)

what do you think?

[Sebruck]

Possible duplicate of #151

we run on kubernetes but get only priv key + certificate in our pods

[wsargent]

SSL config only does configuration. You can use https://github.com/tersesystems/securitybuilder to generate the keystore.

[Sebruck]

@wsargent the idea is to not do it programmatically but just via configuration and this library takes care.

[wsargent]

@Sebruck Certificate and keystore generation is not a part of JSSE or TLS. That would still be a distinct project working with CertPath and JCA APIs.

[wsargent]

In the past I've used CFSSL and sample-cfssl-ca to do this -- see https://tersesystems.com/blog/2018/07/28/building-java-keystores/ for more details.