Project

General

Profile

Task #3343

Story #3342: support use of dataone-trusted-CAs in libclient_java and python

configure CertificateManager to look for trusted certificates outside of package

Added by Rob Nahf about 12 years ago. Updated almost 12 years ago.

Status:
Closed
Priority:
High
Assignee:
Category:
d1_libclient_java
Start date:
2012-10-18
Due date:
% Done:

100%

Milestone:
None
Product Version:
*
Story Points:
Sprint:

Description

The trick here is predefining the location for the replacement d1-trusted-certs files. This should probably be a location common for libclient_python-based and libclient_java-based tools. An enduser of multiple tools would like to not have to repeat the process for each tool they use.

History

#1 Updated by Rob Nahf about 12 years ago

  • Status changed from New to In Progress
  • % Done changed from 0 to 70

committed a proof-of-concept to trunk/libclient_java, where the existing d1-trusted-certs.crt file is wired into the TrustManager, and an auxiliary location is designated (outside of libclient jar) as a place to get updates.

#2 Updated by Rob Nahf about 12 years ago

  • Status changed from In Progress to Testing

#3 Updated by Rob Nahf about 12 years ago

  • % Done changed from 70 to 90

fixed how server trust is implemented following spot integration tests against DEV environment. Needed to allow for trust when the server certificate chain was incomplete. Now will trust based on a certificate's issuer DN as well.

Tested successfully in d1_client_r

#4 Updated by Chris Jones almost 12 years ago

  • Target version changed from Sprint-2012.41-Block.6.1 to Sprint-2012.50-Block.6.4

#5 Updated by Rob Nahf almost 12 years ago

  • Status changed from Testing to Closed
  • translation missing: en.field_remaining_hours set to 0.0

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 14.8 MB)