Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-3129

Keystore is used instead of truststore for validating client certificates

    XMLWordPrintable

    Details

    • Issue discovered during:
      Other

      Description

      The build scripts for JBoss 7/EAP 6 erroneously use the same JKS file (and same password) for both the web keystore and truststore.

      The error was introduced in bin/jboss.xml connector configuration, for both the 8443 and 8442 connectors. The configuration references the web keystore file instead of truststore file, and it also lacks the setting for truststore password (ca-certificate-password).

        Attachments

          Activity

            People

            Assignee:
            branko Branko Majic (Inactive)
            Reporter:
            branko Branko Majic (Inactive)
            Verified by:
            Tomas Gustavsson
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Time Tracking

                Estimated:
                Original Estimate - 4 hours
                4h
                Remaining:
                Time Spent - 3 hours Remaining Estimate - 1 hour
                1h
                Logged:
                Time Spent - 3 hours Remaining Estimate - 1 hour
                3h