hanicz opened a new pull request, #1237: URL: https://github.com/apache/knox/pull/1237
(It is very **important** that you created an Apache Knox JIRA for this change and that the PR title/commit message includes the Apache Knox JIRA ID!) [KNOX-3326](https://issues.apache.org/jira/browse/KNOX-3326) - Add SSL configuration for Oracle DB support ## What changes were proposed in this pull request? Adds SSL configuration support to Oracle DB ## How was this patch tested? Tested with an actual Oracle DB that had TCPS setup ``` <property> <name>gateway.service.tokenstate.impl</name> <value>org.apache.knox.gateway.services.token.impl.JDBCTokenStateService</value> </property> <property> <name>gateway.database.connection.url</name> <value>jdbc:oracle:thin:@tcps://host:2484/FREEPDB1?oracle.net.ssl_server_dn_match=false</value> </property> <property> <name>gateway.database.type</name> <value>oracle</value> </property> <property> <name>gateway.database.ssl.enabled</name> <value>true</value> </property> <property> <name>gateway.database.ssl.verify.server.cert</name> <value>true</value> </property> <property> <name>gateway.database.ssl.truststore.file</name> <value>/tmp/oracle_truststore.jks</value> </property> ``` `install/knox-3.0.0-SNAPSHOT/bin/knoxcli.sh generate-jwk --saveAlias knox.token.hash.key` `install/knox-3.0.0-SNAPSHOT/bin/knoxcli.sh create-aliases --alias gateway_database_user --value knox_user --alias gateway_database_password --value mypw23 --alias gateway_database_ssl_truststore_password --value mypw22` ``` SQL> select * from KNOX_TOKENS; TOKEN_ID -------------------------------------------------------------------------------- ISSUE_TIME EXPIRATION MAX_LIFETIME ---------- ---------- ------------ 6263c147-27cb-4ebd-970a-6c043a56e0e6 1.7793E+12 1.7793E+12 1.7799E+12 6fd0abee-5929-4c8e-946b-837651676a6f 1.7793E+12 1.7793E+12 1.7799E+12 ``` <img width="1903" height="781" alt="image" src="https://github.com/user-attachments/assets/fedd8813-1e5a-4e9c-a349-3c0ea0f2e53f"; /> <img width="1913" height="403" alt="image" src="https://github.com/user-attachments/assets/5ebf826d-6dc6-4e9e-81ed-bae7f42fa8ee"; /> ## Integration Tests N/A ## UI changes N/A -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
