Uploaded image for project: 'Openfire'
  1. Openfire
  2. OF-1501

Use 'most appropriate' certificate when multiple are available.

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 4.2.3
    • Component/s: TLS
    • Labels:
      None

      Description

      When the identity store contains more than one certificate, it's up to the implementation of the KeyManager factory to decide which one is actually used.

      I've observed that from a store that contains two certificates, the one that is expired was picked by the default implementation.

      Openfire should be modified to use an implementation that favors the 'best fit' - an unexpired certificate, for example.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              guus Guus der Kinderen
              Reporter:
              guus Guus der Kinderen
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: