Uploaded image for project: 'Apache Knox'
  1. Apache Knox
  2. KNOX-742

Export Commands in KnoxCLI for the gateway-identity Public Cert

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • 0.10.0
    • KnoxCLI
    • None

    Description

      In order for the knox admin to be able to provide a PEM or JKS file with the gateway's public cert, we currently need the admin to use keytool or some other tooling for exporting it.

      Keytool isn't always available in deployment environments.

      This patch will add an export command to the KnoxCLI that can export the public cert to a PEM encoded file or create a JKS type keystore that can then be used as a client truststore where appropriate.

      Something like:

      knoxcli.sh export-cert [--type (PEM|JKS)]

      Where the optional type argument defaults to PEM.

      The exported files will be stored in the

      {GATEWAY_HOME}

      /data/security/keystores directory as:

      gateway-identity.pem and gateway-client-trust.jks respectively.

      Attachments

        1. KNOX-742-001.patch
          13 kB
          Larry McCay

        Issue Links

          blocks

          Bug - A problem which impairs or prevents the functions of the product. KNOX-733 Add support for custom truststore to Knox shell client

          • Major - Major loss of function.
          • Closed

          Activity

            People

              lmccay Larry McCay
              lmccay Larry McCay
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: