Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-users] Different passwords for key store and trust store -- is it possible? 
On 11/28/2017 7:27 AM, Simone Bordet wrote:

Does Jetty support different passwords for the key store and the trust
store?


Yes.


If so, then based on the info I've provided, is Solr configuring
Jetty correctly?


 From the XML snippet above, yes.
I may have uncovered a wrinkle here. They have the key store and the trust store in the same file. The info I have found says that each individual item in a JKS store can have its own password ... but I wonder if maybe Jetty is mapping passwords to filenames, so that the password gets set when one variable is gathered, and then changed when the the other variable is gathered, which makes one of them fail. Am I on the right or the wrong track here? 


Would we need to upgrade Jetty beyond 9.3.14 for it to work?


Not necessarily, although the current version of Jetty is 9.4.x,
rather than 9.3.x.
This is something we are aware of. The 9.4.0 release was December 2016, but I'm reasonably certain that the last time anyone looked closely at a major upgrade of Jetty was during the preparation for Lucene/Solr 5.0, which was a new major version for us. That release was announced in February 2015. I did look at upgrading Jetty to a 9.4.x version, but there were enough changes that Solr wouldn't compile -- methods were missing, and it wasn't immediately clear to me how to change the code. My upgrade attempt was long enough ago that I no longer remember exactly what the problems were. 

Thanks,
Shawn

Back to the top