KeyStore (deprecated)
| This object is deprecated; use KeyStoreSecretStore instead. For more information, refer to the Deprecated section of the Release Notes. |
The configuration for a Java KeyStore, which stores cryptographic private keys and public key certificates.
| Legacy keystore types such as JKS and JCEKS are supported but are not secure. Consider using the PKCS#12 keystore type. |
Usage
{
"name": name,
"type": "KeyStore",
"config": {
"url": configuration expression<url>,
"passwordSecretId": configuration expression<secret-id>,
"type": configuration expression<string>,
"secretsProvider": SecretsProvider reference
}
}Properties
"url": configuration expression<url>, required-
URL to the keystore file.
See also Expressions.
"passwordSecretId": configuration expression<secret-id>, optional-
The secret ID of the password required to read private keys from the KeyStore.
This secret ID must point to a GenericSecret.
If the KeyStore is used as a truststore to store only public key certificates of peers and no password is required to do so, then you do not have to specify this field.
Default: No password is set.
See also Expressions.
"type": configuration expression<string>, optional-
The secret store type.
"secretsProvider": SecretsProvider reference, required-
The SecretsProvider to query for the keystore password.
Example
The following example configures a KeyStore that references the Java KeyStore
file $HOME/keystore.p12. The KeyStore password is provided by a Java
system property or environment variable, and retrieved by the
SystemAndEnvSecretStore. By default, the password value must be base64-encoded.
{
"name": "MyKeyStore",
"type": "KeyStore",
"config": {
"url": "file://${env['HOME']}/keystore.p12",
"passwordSecretId": "keystore.secret.id",
"secretsProvider": "SystemAndEnvSecretStore"
}
}