Karsten Otto created JAMES-3673:
-----------------------------------
Summary: Separate trust store for S3
Key: JAMES-3673
URL: https://issues.apache.org/jira/browse/JAMES-3673
Project: James Server
Issue Type: Improvement
Components: Blob
Affects Versions: master
Reporter: Karsten Otto
Since James supports S3 blob storage access via HTTPS, it should be possible to
configure a specific trust store for validating the S3 server certificate. This
lets users "pin" the server certificate, and better separate the trust realms
of infrastructure and public services (SMTP, IMAP etc.).
This can be achieved in blob.properties with the usual set of configuration
options for such cases, such as:
{code:java}
objectstorage.s3.truststore.path=/conf/s3trust.p12
objectstorage.s3.truststore.type=PKCS12
objectstorage.s3.truststore.secret=yoursecret
objectstorage.s3.truststore.algorithm=SunX509 {code}
T-Shirt size M.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
