quarkus icon indicating copy to clipboard operation
quarkus copied to clipboard

Published 20 hours ago verified publisher icon quarkusio

The reactive REST client does not support P12, PEM and CRT/KEY files

Open cescoffier opened this issue 1 year ago • 1 comments

Description

The reactive rest client only supports the JKS format at the moment. While this format is popular in the Java world, it's not popular (at all) anywhere else. CRT/KEY, PEM (the same as CRT/KEY), and P12 (PFX) are more popular.

Implementation ideas

The underlying HTTP client has support for these other formats, so this enhancement is about:

  • adding the configuration key to pass the certificate and key files
  • detect the format (based on the extension)
  • configure the underlying client

Note that his work will enable the proper support of certificate reloading (it can be implemented with JKS, but most use case are about the other formats)

cescoffier avatar Feb 16 '24 07:02 cescoffier

/cc @geoand (rest-client)

quarkus-bot[bot] avatar Feb 16 '24 07:02 quarkus-bot[bot]

Just stumbled over this and seeing https://github.com/geoand/quarkus/commit/74149535a893cae3f8f50c5842fc5ccefae34437#diff-d374086457a41b4c533e9ff072d61977ce886022ded6173e358b6441b5f9c410R264 (I assume it's not merged and still being worked on) I just want to add that the quarkus reactive mailer seems to use "PKCS" as the truststore.type value and not PKCS12.

As I have no clue about quarkus internal consistency policies I'm just leaving this as a heads up here.

winks avatar May 02 '24 11:05 winks

@cescoffier is working on a massive revamp of this

geoand avatar May 02 '24 11:05 geoand

Yes, and the mailer is one of the components that will benefit from this large refactoring/ centralization.

cescoffier avatar May 03 '24 11:05 cescoffier