[ https://issues.apache.org/jira/browse/KNOX-1111?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16244186#comment-16244186 ]
Jeff Storck commented on KNOX-1111: ----------------------------------- Agreed, on these improvements. Should be very similar to the addition and management of the useTwoWaySsl filter param. Low level of effort, easy to test. > 2-way SSL Truststore and Keystore Improvements > ---------------------------------------------- > > Key: KNOX-1111 > URL: https://issues.apache.org/jira/browse/KNOX-1111 > Project: Apache Knox > Issue Type: Bug > Components: Server > Reporter: Larry McCay > Assignee: Jeff Storck > Fix For: 0.15.0 > > > Currently, the DefaultHttpClientFactory is setting the 2-way SSL for > dispatches truststore as gateway.jks. This should be driven by configuration > and probably default to cacerts rather than gateway.jks. > The client cert alias inside the keystore should be configurable as well so > that we can possibly have different certs representing different topologies. > In addition, the keystore to host the client certs should be configurable. -- This message was sent by Atlassian JIRA (v6.4.14#64029)