Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ensure SSL truststore is present at startup #8631

Merged
merged 4 commits into from
Apr 2, 2022
Merged

Ensure SSL truststore is present at startup #8631

merged 4 commits into from
Apr 2, 2022

Conversation

HoussemNasri
Copy link
Member

Follow up on #8583.

  • Change in CHANGELOG.md described in a way that is understandable for the average user (if applicable)
  • Tests created for changes (if applicable)
  • Manually tested changed features in running JabRef (always required)
  • Screenshots added in PR description (for UI changes)
  • Checked developer's documentation: Is the information available and up to date? If not, I outlined it in this pull request.
  • Checked documentation: Is the information available and up to date? If not, I created an issue at https://github.com/JabRef/user-documentation/issues or, even better, I submitted a pull request to the documentation repository.

@Siedlerchr Siedlerchr added the status: ready-for-review Pull Requests that are ready to be reviewed by the maintainers label Apr 1, 2022
@Siedlerchr
Copy link
Member

Just a general question: Does the trustsotre content change with the java version? I might guess that new certifacates are added or revoked. So we need to ensure that we always copy the jdk's truststore in our resources and maybe also merge? the contents when the store already exists from an older version?

@calixtus calixtus merged commit 515e9c1 into JabRef:main Apr 2, 2022
@calixtus
Copy link
Member

calixtus commented Apr 2, 2022

Thanks for the follow up!

@HoussemNasri
Copy link
Member Author

HoussemNasri commented Apr 2, 2022
edited
Loading

@Siedlerchr That is correct; in JDK 17 they removed Telia Company's Sonera Class2 CA Certificate and added 2 HARICA Root CA Certificates. Merging new JDK truststore is an option; it can be done in 3 steps:

  1. Add new truststore to resources.
  2. Remove all jdk certificates from the old truststore at startup.
  3. Finally, update the old truststore with new truststore certificates.

JDK certificates alias follow a specific pattern, so we can filter them in to remove them.

@Siedlerchr
Copy link
Member

Thanks for the explanation. Okay, this seems like it could be implemented as part of a migration process in JabRef.

Siedlerchr added a commit that referenced this pull request Apr 5, 2022
@Siedlerchr
Merge remote-tracking branch 'upstream/main' into lucenceUpgrade
4dcb7f8 
* upstream/main:
  Remove obsolete comments
  Improve key generation (#8641)
  Refine search code (#8636)
  Fix import entry by id does not generate citation key (#8361)
  Update Gradle Wrapper from 7.4.1 to 7.4.2. (#8637)
  Bump hmarr/auto-approve-action from 2.1.0 to 2.2.0 (#8638)
  GitBook: [#57] test
  Citation keygen: Return vonPart if lastName is empty (#8634)
  Ensure SSL truststore is present at startup (#8631)
  Squashed 'buildres/csl/csl-styles/' changes from 6a7b708..21e2177 (#8632)
  Add more tests for FieldChange Class (#8614)
@HoussemNasri HoussemNasri mentioned this pull request Jul 20, 2023
Open
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@calixtus calixtus calixtus approved these changes

@Siedlerchr Siedlerchr Siedlerchr approved these changes

Assignees
No one assigned
Labels
status: ready-for-review Pull Requests that are ready to be reviewed by the maintainers
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@HoussemNasri @Siedlerchr @calixtus