Add JKS keystore support to X509Authentication #374
+296
−0
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![devin-ai-integration[bot]](https://avatars.githubusercontent.com/in/811515?s=60&v=4){kind=small}
- Add configureX509AuthenticationFromKeystore method for JKS keystore support - Add createSSLContextFromKeystore helper method - Support keystore path, password, and certificate alias parameters - Reuse existing SSL context creation logic - Add proper error handling for missing certificates/keys Co-Authored-By: [email protected] <[email protected]>
🤖 Devin AI EngineerI'll be helping with this pull request! Here's what you should know: ✅ I will automatically:
Note: I can only respond to comments from users who have write access to this repository. ⚙️ Control Options:
|
- Wrap long method signature to match project style - Remove extra blank line - Ensure proper indentation Co-Authored-By: [email protected] <[email protected]>
- Break long exception messages across multiple lines - Fix line length violations for static analysis compliance - Maintain consistent formatting with existing codebase Co-Authored-By: [email protected] <[email protected]>
- Converts unencrypted PEM files to JKS keystore format - Uses filename as certificate alias (e.g., pkcs8_unencrypted, pkcs1_unencrypted) - Supports both PKCS#1 and PKCS#8 private key formats - Includes keystore verification and proper error handling Co-Authored-By: [email protected] <[email protected]>
- Remove specific UnrecoverableKeyException import since it's covered by java.security.* - Resolves static analysis violation for import redundancy Co-Authored-By: [email protected] <[email protected]>
- Add specific import for UnrecoverableKeyException used in catch block - Resolves static analysis failure caused by ambiguous import resolution Co-Authored-By: [email protected] <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Add JKS keystore support to X509Authentication
Summary
This PR adds JKS keystore support to the X509Authentication class while preserving all existing PEM-based functionality. The implementation adds a new public method
configureX509AuthenticationFromKeystorethat takes a keystore path, password, and certificate alias, then extracts the certificate and private key to create an SSL context.Key Changes:
configureX509AuthenticationFromKeystoremethod for JKS keystore supportcreateSSLContextFromKeystorehelper method that handles keystore loading and certificate extractioncreateSSLContextFromKeyAndCertmethod to maintain consistency with PEM implementationReview & Testing Checklist for Human
Test Plan Recommendation
configureX509AuthenticationFromKeystorewith valid parameters and verify SSL context creationNotes