stroom icon indicating copy to clipboard operation
stroom copied to clipboard
verified publisher icon gchq

HTTPAppender and general SSL Improvements

Open stroomdev10 opened this issue 6 years ago • 2 comments

allow selection of an alias from a client keystore if one is specified, if none specified, the current behaviour is to be retained

SSL config entity type

stroomdev10 avatar Nov 14 '19 12:11 stroomdev10

To elaborate on "SSL config entity type", we need an entity type for storing ssl configuration details that can then be referenced in various places in stroom, e.g. HttpAppender, HttpCall (xslt func), Elastic Search, etc. This makes it easy to define a set of ssl creds once and use them in multiple places.

Such an entity needs to capture all the data held in SSLConfig. Thought needed on storing the password and who can access it. HttpAppender, HttpCall, Elastic, etc. would then need to be changed to reference an SSL Config entity and not capture any ssl config themselves.

The SSL config entity ought to do sensible validation of the values. e.g. if useJvmSslConfig is true, key/trust store props should not be set, if a keystore is specified and a trust store is not, if a key/trust store path is invalid, etc.

Also HttpAppender and HttpCall use different mechanisms for sending the http request (Connection vs OkHttp). We ought to standardise on one.

at055612 avatar Nov 17 '22 10:11 at055612

relates to gh-1684

at055612 avatar Nov 18 '22 13:11 at055612