Thanks Rick. It helps, but only in identifying what my next steps are. I may make a patch that enable some additional options for loading keystore data in a networked+embedded setup as well as possibly programmatic access to get/set all derby properties.
On Tue, Dec 11, 2018, 1:34 PM Rick Hillegas <rick.hille...@gmail.com wrote: > For SSL/TLS protected connections, Derby relies on the SSL/TLS support > provided by the JVM. So this is a JVM-configuration question. Here is the > top answer which I get when I google for "application specific keystore in > multi-tenant java jvm": > https://stackoverflow.com/questions/1793979/registering-multiple-keystores-in-jvm > > Hope this helps, > -Rick > > On 12/11/18 6:20 AM, Alex O'Ree wrote: > > The derby security guide for enabling tls connection supports only loading > the keystore location/password from the global system properties. Is there > a way to provide this programmatically? I'd rather not define this setting > globally within the jvm as it's shared with tomcat and a number of other > components. > > There is a NetworkServerControl#getCurrentProperties() method. Can i > inject the javax.net.ssl properties through there before starting the > server? > > On Mon, Nov 26, 2018 at 7:10 PM Rick Hillegas <rick.hille...@gmail.com> > wrote: > >> On 11/26/18 3:58 PM, Alex O'Ree wrote: >> > My primary use case is to use an embedded derby within my webapp for >> > storage and whatnot. I also have another requirement to provide >> > localhost (and possible remote access) to the database via jdbc >> > connection. I know how to get derby up and running programmatically in >> > embedded mode and with the network connection, however I'm not super >> > sure how to wire up authentication, permissions, ssl/tls, etc. Is >> > there a guide somewhere for configuring this? >> >> Hi Alex, >> >> The Derby Security Guide should have all the information you need: >> http://db.apache.org/derby/docs/10.14/security/index.html >> >> Hope this helps, >> >> -Rick >> >> >
