Task #3343
Story #3342: support use of dataone-trusted-CAs in libclient_java and python
configure CertificateManager to look for trusted certificates outside of package
100%
Description
The trick here is predefining the location for the replacement d1-trusted-certs files. This should probably be a location common for libclient_python-based and libclient_java-based tools. An enduser of multiple tools would like to not have to repeat the process for each tool they use.
History
#1 Updated by Rob Nahf over 11 years ago
- Status changed from New to In Progress
- % Done changed from 0 to 70
committed a proof-of-concept to trunk/libclient_java, where the existing d1-trusted-certs.crt file is wired into the TrustManager, and an auxiliary location is designated (outside of libclient jar) as a place to get updates.
#2 Updated by Rob Nahf over 11 years ago
- Status changed from In Progress to Testing
#3 Updated by Rob Nahf over 11 years ago
- % Done changed from 70 to 90
fixed how server trust is implemented following spot integration tests against DEV environment. Needed to allow for trust when the server certificate chain was incomplete. Now will trust based on a certificate's issuer DN as well.
Tested successfully in d1_client_r
#4 Updated by Chris Jones over 11 years ago
- Target version changed from Sprint-2012.41-Block.6.1 to Sprint-2012.50-Block.6.4
#5 Updated by Rob Nahf over 11 years ago
- Status changed from Testing to Closed
- translation missing: en.field_remaining_hours set to 0.0
