0

如何在 thorntail 应用程序上添加 ssl trustStore 和 trustStorePassword,使用 config project-defaults yaml 或使用 wildfly Standalone.xml。

这是如何使用 yaml 添加 keyStore 及其 keyStorePassword

thorntail:
  management:
    http:
      port: 8010
    security-realms:
      ApplicationRealm:
        jaas-authentication:
          name: OSecDom
        ssl-server-identity:
          alias: ${private.key.alias}
          keystore-provider: ${javax.net.ssl.keyStoreType}
          keystore-path: ${javax.net.ssl.keyStore}
          keystore-password: ${javax.net.ssl.keyStorePassword}

是否可以使用 thorntail,而无需将 ssl trustStore 添加为 Java - JVM 参数,如下所示。

RUN_ARGS="-jar -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005 -Djavax.net.ssl.trustStore=/opt/myscerts/cacerts -Djavax.net.ssl.trustStorePassword=changeit  ${PROJECT_ARTIFACT} -P ${PROJECT_PROP} -s ${PROJECT_CONFIG}"
/usr/lib/java/jdk-11.0.5/bin/java $RUN_ARGS $*
4

1 回答 1

1

可以添加信任库:

thorntail:
  management:
    security-realms:
      my-ssl-realm:
        ssl-server-identity:
          keystore-path: server-keystore.jks
          keystore-password: server-password
          alias: server-key
          key-password: server-password
        truststore-authentication:
          keystore-path: server-truststore.jks
          keystore-password: server-password

请参阅https://github.com/rhoar-qe/thorntail-test-suite/tree/master/protocols了解几个完整的示例,同时使用旧版安全性和 Elytron。

于 2020-07-26T14:44:27.497 回答