Elytron 4.0 (Wildfly 14)

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Elytron 4.0 (Wildfly 14)

Nikola Malenic

Is it possible to put only root CA’s certificate in the server truststore and to let users authenticate with certificates signed by this CA?

Currently, it throws an error when it tries to bind decoded user principal to the alias in truststore, which has only CA’s certificate.

 

I suppose this is possible, but is there any easy(detailed) tutorial on this since I’m not familiar with the whole architecture of the Elytron, and documentation is pretty modest?


_______________________________________________
wildfly-dev mailing list
[hidden email]
https://lists.jboss.org/mailman/listinfo/wildfly-dev
Reply | Threaded
Open this post in threaded view
|

Re: Elytron 4.0 (Wildfly 14)

Martin Choma
Best place to ask this question is on forum [1]. This mailing list is
for WildFly developers discussions.
Anyway, I think you are looking for feature documented by [2]

[1] https://developer.jboss.org/en/wildfly/content
[2] https://issues.jboss.org/browse/WFLY-10553

On Wed, Nov 14, 2018 at 10:50 AM, Nikola Malenic
<[hidden email]> wrote:

> Is it possible to put only root CA’s certificate in the server truststore
> and to let users authenticate with certificates signed by this CA?
>
> Currently, it throws an error when it tries to bind decoded user principal
> to the alias in truststore, which has only CA’s certificate.
>
>
>
> I suppose this is possible, but is there any easy(detailed) tutorial on this
> since I’m not familiar with the whole architecture of the Elytron, and
> documentation is pretty modest?
>
>
> _______________________________________________
> wildfly-dev mailing list
> [hidden email]
> https://lists.jboss.org/mailman/listinfo/wildfly-dev

_______________________________________________
wildfly-dev mailing list
[hidden email]
https://lists.jboss.org/mailman/listinfo/wildfly-dev