trustDefaultCerts=true by default in liberty configuration (server.xml) #2271

JohnTimm · 2021-04-22T18:06:29Z

Per OpenLiberty documentation (https://openliberty.io/docs/21.0.0.3/reference/config/ssl.html):

Specifies whether the trust manager can establish trust by using the  default certificates. If set to true, then the default certificates are  used in addition to the configured truststore file to establish trust.  The attribute is set to false by default.

The text was updated successfully, but these errors were encountered:

Signed-off-by: John T.E. Timm <johntimm@us.ibm.com>

* Issue #2269 - support multiple graph term service providers Signed-off-by: John T.E. Timm <johntimm@us.ibm.com> * Issue #2269 - doc updates Signed-off-by: John T.E. Timm <johntimm@us.ibm.com> * Issue #2271 - update default liberty config Signed-off-by: John T.E. Timm <johntimm@us.ibm.com> * Issue #2271 - moved to configDropins/defaults/trustDefaultCerts.xml Signed-off-by: John T.E. Timm <johntimm@us.ibm.com> * Issue #2271 - renamed to trustDefault.xml to match env variable approach Signed-off-by: John T.E. Timm <johntimm@us.ibm.com> * Issue #2198 - added FHIR terminology service diagram Signed-off-by: John T.E. Timm <johntimm@us.ibm.com> * Issue #2198 - doc updates per PR feedback Signed-off-by: John T.E. Timm <johntimm@us.ibm.com> * Issue #2198 - change configuration to configurations Signed-off-by: John T.E. Timm <johntimm@us.ibm.com> * Issue #2271 - update docs for trustDefault.xml config dropin Signed-off-by: John T.E. Timm <johntimm@us.ibm.com>

prb112 · 2021-04-27T00:03:45Z

Already added - moved to QA
https://github.com/IBM/FHIR/blob/d4a7538816320c473178631abfadc6520f632703/fhir-server/liberty-config/configDropins/defaults/trustDefault.xml

kmbarton423 · 2021-05-05T15:02:03Z

Built/ran Docker container with default FHIR server configuration.
Added SNOMED to the FHIR server configuration (remoteTermServiceProviders).
Confirmed successful code lookup to SNOMED when variable SEC_TLS_TRUSTDEFAULTCERTS defaults true.

Below are the contents of trustDefault.xml:

<server description="fhir-server"> <ssl id="defaultSSLConfig" trustDefaultCerts="${SEC_TLS_TRUSTDEFAULTCERTS}"/> <variable name="SEC_TLS_TRUSTDEFAULTCERTS" defaultValue="true"/> </server>

JohnTimm self-assigned this Apr 22, 2021

JohnTimm added a commit that referenced this issue Apr 22, 2021

Issue #2271 - update default liberty config

703f885

Signed-off-by: John T.E. Timm <johntimm@us.ibm.com>

JohnTimm added a commit that referenced this issue Apr 22, 2021

Issue #2271 - moved to configDropins/defaults/trustDefaultCerts.xml

17ce66e

Signed-off-by: John T.E. Timm <johntimm@us.ibm.com>

JohnTimm added a commit that referenced this issue Apr 22, 2021

Issue #2271 - renamed to trustDefault.xml to match env variable approach

942de35

Signed-off-by: John T.E. Timm <johntimm@us.ibm.com>

JohnTimm added a commit that referenced this issue Apr 22, 2021

Issue #2271 - update docs for trustDefault.xml config dropin

d631583

Signed-off-by: John T.E. Timm <johntimm@us.ibm.com>

prb112 added the enhancement New feature or request label Apr 26, 2021

kmbarton423 closed this as completed May 5, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

trustDefaultCerts=true by default in liberty configuration (server.xml) #2271

trustDefaultCerts=true by default in liberty configuration (server.xml) #2271

JohnTimm commented Apr 22, 2021

prb112 commented Apr 27, 2021

kmbarton423 commented May 5, 2021 •

edited

Loading

trustDefaultCerts=true by default in liberty configuration (server.xml) #2271

trustDefaultCerts=true by default in liberty configuration (server.xml) #2271

Comments

JohnTimm commented Apr 22, 2021

prb112 commented Apr 27, 2021

kmbarton423 commented May 5, 2021 • edited Loading

kmbarton423 commented May 5, 2021 •

edited

Loading