Extracting a trustore credential reference
mbsakho Nov 12, 2018 10:13 AMHello everyone,
I would like to extract the credential reference value from an elytron truststore in order to reference in my Keycloak trsustore SPI.
The extract below is my truststore:
<key-stores>
<key-store name="kcTrustStore">
<credential-reference clear-text="bWJD4xV9ylcfAHHm6S8VMviQ0Q8zpoQ/pwI02zsDQnQ="/>
<implementation type="JKS"/>
<file path="/opt/jboss/keycloak/standalone/configuration/keystores/truststore.jks"/>
</key-store>
</key-stores>
The cli command below let me get access to the credential-reference but not the value itself:
/subsystem=elytron/key-store=kcTrustStore:read-attribute(name=credential-reference)
The truststore SPI is configured like below:
<spi name="truststore">
<provider name="file" enabled="true">
<properties>
<property name="file" value="path to your .jks file containing public certificates"/>
<property name="password" value="password"/>
<property name="hostname-verification-policy" value="WILDCARD"/>
<property name="disabled" value="false"/>
</properties>
</provider>
</spi>
The cli commands below let me configure the SPI parameters execpt for the password value (in bold)
/subsystem=keycloak-server/spi=truststore:add
/subsystem=keycloak-server/spi=truststore/provider=file:add(enabled=true)
/subsystem=keycloak-server/spi=truststore/provider=file/:map-put(name=properties,key=file, value=/opt/jboss/keycloak/standalone/configuration/keystores/truststore.jks)
/subsystem=keycloak-server/spi=truststore/provider=file/:map-put(name=properties,key=password, value={clear-text=$keycloak_tls_truststore_password})
/subsystem=keycloak-server/spi=truststore/provider=file/:map-put(name=properties,key=hostname-verification-policy, value="WILDCARD")
How could I extract the the credential-reference in order to put ii in my SPI?
Can I put it in a cli system-property for example?
Regards,
Meissa