+1 for managing trust store and keystore separately. Thanks AmilaJ
On Fri, Feb 4, 2011 at 7:03 PM, Thilina Buddhika <[email protected]> wrote: > Hi Devs, > Currently we are setting wso2carbon.jks as the default trust-store in a > Carbon instance. This is set during the server startup inside the > CarbonServerManager class. > IMO, it should be client-truststore.jks which should be set as the default > trust-store in Carbon while treating wso2carbon.jks only as the primary key > store. Usually users manage their primary key stores separately from the > trust store. But with the current implementation, they have to import some > of certificates to the primary key store to get certain scenarios working. > Also for transports, we are using wso2carbon.jks as the key store while > using client-truststore.jks as the trust-store. So it will be more > consistent to use client-truststore.jks as the system wide trust store > instead of the wso2carbon.jks. > To make this change, we have to add a new configuration element to the > carbon.xml similar to the existing key store configuration. > Let us know your feedback on this. > Thanks, > Thilina > > -- > Thilina Buddhika > Senior Software Engineer > WSO2 Inc. ; http://wso2.com > lean . enterprise . middleware > > phone : +94 77 44 88 727 > blog : http://blog.thilinamb.com > > _______________________________________________ > Carbon-dev mailing list > [email protected] > http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev > > _______________________________________________ Carbon-dev mailing list [email protected] http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
