Bug 1510213

Summary: ability to create a java trust store from a Service Serving Certificate Secrets
Product: OpenShift Container Platform Reporter: raffaele spazzoli <rspazzol>
Component: RFEAssignee: Paul Weil <pweil>
Status: CLOSED WONTFIX QA Contact: Xiaoli Tian <xtian>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 3.6.0CC: aos-bugs, erich, jokerman, mmccomas, pweil
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-02-12 19:54:46 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description raffaele spazzoli 2017-11-06 23:36:20 UTC 
Description of problem:
a Service Serving Certificate Secrets[1] will create certificates and private key in PEM format but java applications need that information in truststores and keystores.

This new feature would add the ability to create also truststores and keystores in the (same) secret. This feature could be activated by an additional annotation.

[1]: https://docs.openshift.com/container-platform/3.5/dev_guide/secrets.html#service-serving-certificate-secrets


In alternative our images for java based middleware (AMQ, JDG ...) should learn to consume certificates in PEM format.
Comment 2 raffaele spazzoli 2018-03-07 14:39:35 UTC 
we solved the problem as described here:
https://developers.redhat.com/blog/2017/11/22/dynamically-creating-java-keystores-openshift/

for me this issue can be closed.