'[jira] [Commented] (HTTPCORE-682) Should be possible to specify the provider for key manager/trust m'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       httpclient-commons-dev
Subject:    [jira] [Commented] (HTTPCORE-682) Should be possible to specify the provider for key manager/trust m
From:       "Pawel Veselov (Jira)" <jira () apache ! org>
Date:       2021-07-07 17:13:00
Message-ID: JIRA.13388054.1625621001000.706075.1625677980326 () Atlassian ! JIRA
[Download RAW message or body]


    [ https://issues.apache.org/jira/browse/HTTPCORE-682?page=com.atlassian.jira.plugi \
n.system.issuetabpanels:comment-tabpanel&focusedCommentId=17376722#comment-17376722 ] \


Pawel Veselov commented on HTTPCORE-682:
----------------------------------------

[~olegk] Yes, unfortunately, that provider is only used to create the SSL context, \
but not the trust/key manager factories. The stores also can be loaded using a custom \
provider, but at least that can be done outside of SSL context builder, and provided \
directly using the corresponding overloaded method. I've created \
https://github.com/apache/httpcomponents-core/pull/295

> Should be possible to specify the provider for key manager/trust manager
> ------------------------------------------------------------------------
> 
> Key: HTTPCORE-682
> URL: https://issues.apache.org/jira/browse/HTTPCORE-682
> Project: HttpComponents HttpCore
> Issue Type: Improvement
> Components: HttpCore
> Affects Versions: 4.4.14, 5.1
> Reporter: Pawel Veselov
> Priority: Major
> Time Spent: 10m
> Remaining Estimate: 0h
> 
> {{SSLContextBuilder}} always uses default {{getInstance()}} method to get the trust \
> or key manager factory. Unlike {{SSLContext}} that supports having a provider \
> explicitly specified. Since there is no way to specify trust or key managers \
> explicitly, the only way to make a desired trust manager load is to meddle with the \
> security providers, which is not always desirable or possible. So, it would be \
>                 great if the SSL context builder allowed for either of:
> * Use currently specified (using {{setProvider()}}) provider/provider name when \
>                 loading trust/key managers
> * Support specifying the provider for trust/key managers explicitly
> * Support specifying trust managers or key managers explicitly



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic