Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-3086

Unable to specify relative-to in ssl loopback configuration

    XMLWordPrintable

Details

    • Bug
    • Resolution: Obsolete
    • Minor
    • None
    • 7.0.0.ER5
    • Management, Security

    Description

      Setting ssl loopback as described in https://issues.jboss.org/browse/JBEAP-2514 doesn't support relative-to attribute for truststore-path.

      ./host=master/server-config=server-three/ssl=loopback:add(ssl-protocol=TLS, trust-manager-algorithm=SunX509, truststore-type=JKS, truststore-path=/home/darranl/src/wildfly9/cli-scripts/management-ssl/client.keystore, truststore-password=keystore_password)

      Setting as minor issue, because:

      • it is only for convenience, absolute path can be still used
      • ssl loopback is necessary only for running with FIPS java.
      • Customers using FIPS java will use PKCS11 truststore where there is no need for relative-to.
      • Issue applies only to JKS truststore and in this case absolute path can still be used.

      Attachments

        Issue Links

          blocks

          Tracker - Issue tracking a bug fix or improvement in another component JBEAP-4120 FIPS mode issues

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Resolved
          relates to

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-2514 unable to start in domain mode when the JVM is running in FIPS mode

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Closed

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-2850 Document Starting domain mode when the JVM is running in FIPS mode

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Closed

          Activity

            People

              Unassigned Unassigned
              mchoma@redhat.com Martin Choma
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: