ssl-config icon indicating copy to clipboard operation
ssl-config copied to clipboard
verified publisher icon lightbend

FakeKeystore should create PKCS12 format (read both JKS and PKCS12)

Open ignasi35 opened this issue 7 years ago • 1 comments

Current implementations of FakeKeystore will produce a generated.keystore that uses the proprietary JKS format (not even JKCES). Latest versions of keytool are already alerting about the fact:

Warning:
The JKS keystore uses a proprietary format. It is recommended 
to migrate to PKCS12 which is an industry standard format using 
"keytool -importkeystore -srckeystore generated.keystore \
     -destkeystore generated.keystore -deststoretype pkcs12".

so FakeKeystore should produce PKCS12 keystores and be able to read both.

ignasi35 avatar Sep 27 '18 13:09 ignasi35

This is blocked by #92.

The keyStores produced by FakeKeyStore should be usable as keystore or truststore. ATM ssl-config doesn't support PKCS12 as truststore due to the bug fixed in #92 .

ignasi35 avatar Oct 10 '18 20:10 ignasi35