Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ensure SSL truststore is present at startup #8631

Merged
merged 4 commits into from
Apr 2, 2022
Merged

Ensure SSL truststore is present at startup #8631

merged 4 commits into from
Apr 2, 2022

Conversation

HoussemNasri
Copy link
Member

Follow up on #8583.

  • Change in CHANGELOG.md described in a way that is understandable for the average user (if applicable)
  • Tests created for changes (if applicable)
  • Manually tested changed features in running JabRef (always required)
  • Screenshots added in PR description (for UI changes)
  • Checked developer's documentation: Is the information available and up to date? If not, I outlined it in this pull request.
  • Checked documentation: Is the information available and up to date? If not, I created an issue at https://github.com/JabRef/user-documentation/issues or, even better, I submitted a pull request to the documentation repository.

@Siedlerchr Siedlerchr added the status: ready-for-review Pull Requests that are ready to be reviewed by the maintainers label Apr 1, 2022
@Siedlerchr
Copy link
Member

Just a general question: Does the trustsotre content change with the java version? I might guess that new certifacates are added or revoked. So we need to ensure that we always copy the jdk's truststore in our resources and maybe also merge? the contents when the store already exists from an older version?

@calixtus calixtus merged commit 515e9c1 into JabRef:main Apr 2, 2022
@calixtus
Copy link
Member

calixtus commented Apr 2, 2022

Thanks for the follow up!

@HoussemNasri
Copy link
Member Author

HoussemNasri commented Apr 2, 2022

@Siedlerchr That is correct; in JDK 17 they removed Telia Company's Sonera Class2 CA Certificate and added 2 HARICA Root CA Certificates. Merging new JDK truststore is an option; it can be done in 3 steps:

  1. Add new truststore to resources.
  2. Remove all jdk certificates from the old truststore at startup.
  3. Finally, update the old truststore with new truststore certificates.

JDK certificates alias follow a specific pattern, so we can filter them in to remove them.

@Siedlerchr
Copy link
Member

Thanks for the explanation. Okay, this seems like it could be implemented as part of a migration process in JabRef.

Siedlerchr added a commit that referenced this pull request Apr 5, 2022
* upstream/main:
  Remove obsolete comments
  Improve key generation (#8641)
  Refine search code (#8636)
  Fix import entry by id does not generate citation key (#8361)
  Update Gradle Wrapper from 7.4.1 to 7.4.2. (#8637)
  Bump hmarr/auto-approve-action from 2.1.0 to 2.2.0 (#8638)
  GitBook: [#57] test
  Citation keygen: Return vonPart if lastName is empty (#8634)
  Ensure SSL truststore is present at startup (#8631)
  Squashed 'buildres/csl/csl-styles/' changes from 6a7b708..21e2177 (#8632)
  Add more tests for FieldChange Class (#8614)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
status: ready-for-review Pull Requests that are ready to be reviewed by the maintainers
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants