Unify behaviour and formats for trust stores #33274

@vmuzikar

Description

Keycloak currently has several trust stores:

  • cache-embedded-mtls-trust-store-file and cache-embedded-mtls-trust-store-password for configuring ISPN's mTLS truststore in Java Keystore format.
  • https-trust-store-file and https-trust-store-password for configuring the server's mTLS truststore in Java Keystore format.
  • truststore-paths for configuring the System Truststore as a list of files or dirs containing PEM or PKCS12 files.

This should be unified as it's currently inconsistent.

A proposed way would be:

  • All truststores accept only PEM or PKCS12 as a list of files or dirs.
  • Optionally, unify the name of the options to follow the pattern of truststore-[type]-paths.

Discussion

No response

Motivation

No response

Details

No response
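
An added example, not part of the issue or of Keycloak's code: a pre-migration audit that classifies trust-store files by their leading bytes, so an operator can see which ones would stop loading if every trust store accepted only PEM or PKCS12. It assumes "Java Keystore format" means JKS files (magic 0xFEEDFEED) and that directories are expanded one level deep; all function names and sample files are hypothetical.

```python
import os
import tempfile

JKS_MAGIC = b"\xfe\xed\xfe\xed"  # first four bytes of a JKS file

def is_pkcs12(head):
    """PKCS12 is an ASN.1 SEQUENCE whose first element is INTEGER 3."""
    if len(head) < 5 or head[0] != 0x30:
        return False
    n = head[1]
    skip = 2 + (n & 0x7F if n & 0x80 else 0)  # step over long-form length bytes
    return head[skip:skip + 3] == b"\x02\x01\x03"

def sniff_format(path):
    """Classify a file by content, never by its extension."""
    with open(path, "rb") as fh:
        head = fh.read(4096)
    if head.startswith(JKS_MAGIC):
        return "JKS"
    if b"-----BEGIN " in head:
        return "PEM"
    return "PKCS12" if is_pkcs12(head) else "unknown"

def audit(paths):
    """Expand a list of files or dirs (one level, an assumption) to {path: format}."""
    report = {}
    for p in paths:
        files = [os.path.join(p, n) for n in sorted(os.listdir(p))] if os.path.isdir(p) else [p]
        for f in filter(os.path.isfile, files):
            report[f] = sniff_format(f)
    return report

def needs_conversion(report):
    """Files that are neither PEM nor PKCS12."""
    return sorted(f for f, fmt in report.items() if fmt not in ("PEM", "PKCS12"))

def build_samples(directory):
    """Write constructed sample files: headers only, no real key material."""
    samples = {
        "ca.pem": b"-----BEGIN CERTIFICATE-----\n(constructed)\n-----END CERTIFICATE-----\n",
        "store.p12": b"\x30\x82\x01\x00\x02\x01\x03" + b"\x00" * 16,
        "legacy.jks": JKS_MAGIC + b"\x00\x00\x00\x02" + b"\x00" * 16,
    }
    for name, data in samples.items():
        with open(os.path.join(directory, name), "wb") as fh:
            fh.write(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        build_samples(d)
        print(needs_conversion(audit([d])))
```

Anything reported as "unknown" deserves a manual look before migration, since a trust store that silently fails to load changes which peers are trusted.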
