iitsoftware
commented
4 years ago This should be a class that allows to add a PEM file to the JKS key/trust store under a name and to remove it by using that name. So it exposes the two methods addCert(name, pem) and removeCert(name).
This concerns Streams that create a TLS connection. The best would be to have these TLS certs isolated per Stream (like a dedicated class loader). An idea is to put them into a persistent memory and then load them into a central key store during Stream start. Or to create a key/trust store per Stream, load the certs into it at Stream start and chain it to the JVM's key/trust store so that they can be found by standard Java mechanism.