Mantis - Resin
Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
5475 feature always 07-01-13 10:40 05-07-18 16:01
Reporter: cowan Platform:  
Assigned To: ferg OS:  
Priority: normal OS Version:  
Status: closed Product Version: 4.0.36  
Product Build: Resolution: won't fix  
Projection: none      
ETA: none Fixed in Version:  
Summary: 0005475: HSM support
Description: Most HSM vendors have APIs to retrieve a specific cert from the HSM. Customer requests more flexible JSSE certificate configurable.
Steps To Reproduce:
Additional Information: Req by A. Balandran
Relationships
Attached Files:

Notes
(0006334)
cowan   
10-18-13 07:36   
The Arx PrivateServer documentation has this example of how to access the KeyStore using JCA and their JCA provider:

KeyStore ks = KeyStore.getInstance("JKS", "ARJCA");
ks.load(null, null);
Key pub = keyPair.getPublic();
ks.setKeyEntry(pubName, pub, passw.toCharArray(),null);

We would need to make at least 2 changes in JsseSSLFactory for this to work:

1 Provide a conf param to set the provider name
2 Skip reading the keystore from a file

Those are the 2 obvious changes. There may be others, like handling of passwords and aliases.

This change could be make to Resin's JsseSSLFactory or by extending JsseSSLFactory and supplying an alternate factory class to <port>.