[CONJ-617] Document what certificate store formats are valid for which SSL properties Created: 2018-06-06 Updated: 2018-06-06 |
|
| Status: | Open |
| Project: | MariaDB Connector/J |
| Component/s: | documentation |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Task | Priority: | Major |
| Reporter: | Geoff Montee (Inactive) | Assignee: | Diego Dupin |
| Resolution: | Unresolved | Votes: | 0 |
| Labels: | None | ||
| Description |
|
The documentation for the various certificate store properties for Connector/J don't currently state which formats are valid for which properties: https://mariadb.com/kb/en/library/about-mariadb-connector-j/#tls-ssl It looks like PEM files are valid for serverSslCert, but nothing is specifically mentioned for keyStore or trustStore. Do those also support PEM files, or do those require Java Key Store (.jks) files? Can the format for a specific certificate store be changed in some way by setting some other property or calling some method? |
| Comments |
| Comment by Diego Dupin [ 2018-06-06 ] |
|
The connector can use certificates from keystore/truststore or directly from String/certificates files. KeyStore and trustStore can have 2 differents formats : JKS (java proprietary format) and PKCS12. Connector can read private key in PKCS#8 (begin with "---- |
| Comment by Geoff Montee (Inactive) [ 2018-06-06 ] |
|
Hi Diego, Thanks for the feedback. Can you please add specific information to the documentation about how this affects the various properties? If I'm understanding properly, then it affects each property like this:
This can be any of the following:
This can be any of the following:
This can be any of the following:
Is that correct? Did I miss or misunderstand anything? |