[
https://issues.apache.org/jira/browse/ARTEMIS-5599?focusedWorklogId=1012067&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-1012067
]
ASF GitHub Bot logged work on ARTEMIS-5599:
-------------------------------------------
Author: ASF GitHub Bot
Created on: 29/Mar/26 17:58
Start Date: 29/Mar/26 17:58
Worklog Time Spent: 10m
Work Description: hyperxpro opened a new pull request, #6325:
URL: https://github.com/apache/artemis/pull/6325
Motivation:
A JKS keystore can have a private key password that differs from the
keystore password (e.g. keytool -genkey -storepass keystore123 -keypass
keypass123). Currently, Artemis uses keyStorePassword for both opening the
keystore and accessing the private key, so such keystores cannot be used.
Modification:
Added a new keyPassword parameter to the Netty SSL acceptor and connector
configuration. When set, it is used to access the private key; when not set,
keyStorePassword is used as before.
Result:
Fixes: [ARTEMIS-5599](https://issues.apache.org/jira/browse/ARTEMIS-5599)
Issue Time Tracking
-------------------
Worklog Id: (was: 1012067)
Remaining Estimate: 0h
Time Spent: 10m
> Support key password in Netty SSL
> ---------------------------------
>
> Key: ARTEMIS-5599
> URL: https://issues.apache.org/jira/browse/ARTEMIS-5599
> Project: Artemis
> Issue Type: New Feature
> Reporter: Manuel K
> Priority: Major
> Labels: pull-request-available
> Time Spent: 10m
> Remaining Estimate: 0h
>
> This is a feature request for adding a new parameter for a key password in
> addition to the keystore password to Netty SSL:
> [https://activemq.apache.org/components/artemis/documentation/latest/configuring-transports.html#configuring-netty-ssl]
> The feature was originally discussed in the mailing list:
> [https://lists.apache.org/thread/5h71gp97dj7r5kzrwodkrgvl2yt85056]
> A JKS keystore, where the keystore is secured with a password and the
> key/certificate is secured with another password, can be created using Java's
> keytool:
> {code:java}
> keytool -genkey -alias brokertest -keyalg RSA -keystore brokertest.ks
> -storetype JKS -storepass keystore123 -keypass keypass123 {code}
> Other keystore types support this as well, but cannot be created using
> {_}keytool{_}.
> Suggested names for the parameter areĀ _keyPassword_ (maybe more appropriate
> in an independent environment) or _keyManagerPassword_ (a term coined by
> Elytron/WildFly).
> Let me know if any additional information is needed. Thank you very much in
> advance!
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
