TrustManager (deprecated)
This object is deprecated. Use SecretsTrustManager instead. |
The configuration of a Java Secure Socket Extension TrustManager to manage trust material (typically X.509 public key certificates) for PingGateway. The configuration references the keystore that holds the trust material.
When PingGateway acts as a client, it uses a trust manager to verify that the server is trusted. When PingGateway acts as a server, it uses a trust manager to verify that the client is trusted.
Usage
{
"name": string,
"type": "TrustManager",
"config": {
"keystore": KeyStore reference,
"alg": configuration expression<string>
}
}
Properties
"keystore"
: KeyStore reference, required-
The KeyStore (deprecated) object that references the store for key certificates. When
keystore
is used in a KeyManager, it queries for private keys; whenkeystore
is used in a TrustManager, it queries for certificates.Provide either the name of the keystore object defined in the heap or an inline keystore configuration object.
"alg"
: configuration expression<string>, optional-
The certificate algorithm to use.
Default: the default for the platform, such as
SunX509
.
Example
The following example configures a trust manager that depends on a KeyStore configuration. This configuration uses the default certificate algorithm:
{
"name": "MyTrustManager",
"type": "TrustManager",
"config": {
"keystore": {
"type": "KeyStore",
"config": {
"url": "file://${env['HOME']}/keystore.p12",
"passwordSecretId": "${system['keypass']}",
"secretsProvider": "SystemAndEnvSecretStore"
}
}
}
}