> > > Yes. Let's add a separate issue on it. I would think that the proper thing > to do is to add the default truststore content to the truststore used by > sipXconfig (and other java application). Alternatively we can just > distribute several well known CA certs and manage this independently of JVM > defaults. Opinions? >
Solution proposed to: XX-6850 - known CAs needed in sipxconfig truststore I am thinking to create a Java Main class that will receive as parameter the location of a keystore file. When run, all certificates from given keystore will be added to sipXecs's keystore file (authorities.jks) java.security.KeyStore offers support for load/store certificates. Also KeyStore.aliases() returns all available aliases found in the given keystore file. If no keystore file will be sent as parameter, the java program will copy all certificates found in the default jdk certificates file (jssecacerts or cacerts) in the sipXecs's authorities.jks. This program will be executed by sipxconfig.sh just before authorities.jks loading. Also, it can be used if we will implement, at some point the UI interface that will be used by the end user to copy certificates from a given certificates file (proposed by Scott). Any feedback is really appreciated. Thanks, Mircea > D. > > > _______________________________________________ > sipx-dev mailing list [email protected] > List Archive: http://list.sipfoundry.org/archive/sipx-dev > Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-dev > sipXecs IP PBX -- http://www.sipfoundry.org/ >
_______________________________________________ sipx-dev mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-dev Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-dev sipXecs IP PBX -- http://www.sipfoundry.org/
