First I'd like to request the same feature described in https://github.com/Ecwid/consul-api/issues/129. That is it should be possible to specify a custom truststore for consul without having a client certificate or vice versa.
Third the wording of the attributes in TLSConfig might lead to mistakes. Especially the keyStoreInstanceType is used for the certificate store only. But the other attributes keyStorePath and keyStorePassword are used to configure the truststore. That is it would be logical to assume keyStoreInstanceType refers to the truststore as well.
First I'd like to request the same feature described in https://github.com/Ecwid/consul-api/issues/129. That is it should be possible to specify a custom truststore for consul without having a client certificate or vice versa.
Second the configuration always requires a password for the certificate and truststore. It's not possible to have a truststore without password, as this would require to provide
null
toKeyStore.load
in https://github.com/Ecwid/consul-api/blob/5a55fc8b2aa88d9903b7db5e85991379d9ebce29/src/main/java/com/ecwid/consul/transport/DefaultHttpsTransport.java#L45Third the wording of the attributes in TLSConfig might lead to mistakes. Especially the
keyStoreInstanceType
is used for the certificate store only. But the other attributeskeyStorePath
andkeyStorePassword
are used to configure the truststore. That is it would be logical to assumekeyStoreInstanceType
refers to the truststore as well.https://github.com/Ecwid/consul-api/blob/5a55fc8b2aa88d9903b7db5e85991379d9ebce29/src/main/java/com/ecwid/consul/transport/TLSConfig.java#L24
Are you willing to accept pull requests for these issues?