SoftInstigate / restheart

Rapid API Development with MongoDB
https://restheart.org
GNU Affero General Public License v3.0

SSL authentication question #189

Closed Skyark112 closed 7 years ago

Skyark112 commented 7 years ago

Hey guys,

I've been messing around a lot with the SSL authentication between other applications and RestHEART and I can't seem to get it to work.

I created a cert for the keystore via: http://stackoverflow.com/questions/906402/importing-an-existing-x509-certificate-and-private-key-in-java-keystore-to-use-i and I was able to combine the crt and secret key and added it into my keystore.

I then set the following in the config file:

https-listener: true
https-host: 0.0.0.0
https-port: 4443

use-embedded-keystore: false

keystore-file: /path/to/keystore/file
keystore-password: mypassword
certpassword: mycertpassword

I then gave my cert to the client to add to his truststore. I just wanted to check if this is the correct way to set it up, because we've been getting various errors. Is there anything else that we have to do other than this?

I also wanted to check if restheart is capable of a two way ssl handshake. I see the keystore option in the config, but no truststore.

Thanks for all your help!

Skyark112 commented 7 years ago

So after looking into the Bootstrapper, we set things up and everything worked when we tried it with a ONE WAY ssl handshake. Since there's nothing verifying with a trust store there is no two way ssl auth. Can I request this be added to the code?
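
The difference between the one-way setup that worked and the two-way handshake requested above, shown with plain JDK (JSSE) classes. This is an added example, not part of the thread and not RESTHeart's Bootstrapper code; the class name and the five command-line arguments (keystore path, keystore password, key password, truststore path, truststore password) are assumptions.

```java
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.TrustManagerFactory;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.util.Collections;

// Added example (hypothetical class name). Usage:
//   java MutualTlsCheck <keystore> <storePass> <keyPass> <truststore> <trustPass>
public class MutualTlsCheck {

    static KeyStore load(String path, char[] password) throws Exception {
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(path)) {
            ks.load(in, password); // fails here if the store password is wrong
        }
        return ks;
    }

    public static void main(String[] args) throws Exception {
        // Server identity: the keystore must hold a private-key entry,
        // not only the certificate that was handed to the client.
        KeyStore identity = load(args[0], args[1].toCharArray());
        boolean hasKey = false;
        for (String alias : Collections.list(identity.aliases())) {
            hasKey |= identity.isKeyEntry(alias);
        }
        if (!hasKey) throw new IllegalStateException("keystore has no private-key entry");

        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(identity, args[2].toCharArray()); // UnrecoverableKeyException if the key password is wrong

        // Two-way only: certificates (or issuing CAs) the server accepts from clients.
        KeyStore trusted = load(args[3], args[4].toCharArray());
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trusted);

        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

        try (SSLServerSocket server = (SSLServerSocket) ctx.getServerSocketFactory().createServerSocket(0)) {
            // Without this call the server never asks for a client certificate (one-way TLS).
            server.setNeedClientAuth(true);
            System.out.println("needClientAuth=" + server.getNeedClientAuth());
        }
    }
}
```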

ujibang commented 7 years ago

Hi @Skyark112

I added this task to our backlog: https://softinstigate.atlassian.net/browse/RH-237

I also tried a first implementation, but I haven't tested it. Can you check if it makes it?

You can download the snapshot build from sonatype. Take the latest build from there.

mkjsix commented 7 years ago

@Skyark112 if you don't have any news I'll close this.

Skyark112 commented 7 years ago

Hey! Sorry we've been hard at work on a major release version. I haven't been able to test so I'll close this. I can open it up again or create a new issue if I have time to test this after the release.

Thanks for all your help!

mkjsix commented 7 years ago

Yes please, when possible let us know if it works for you. External testing would help us a lot in improving the product.

Thank you