JMX: How to select one Key of a Java-Keystore

Asked Feb 07 '19 at 16:47

Active Feb 07 '19 at 16:47

Viewed 205 times

To enable SSL at different JVM instances and also for other security related purposes I use different Java keystores at different hosts. Until now I put each key into one keystore. For security and maintenance reasons as well and also to use more than one key in different use cases in one JVM, I want to group the keys for each JVM into one keystore.

My Question: How do I select a certain key for different use cases, if I put more than one key into a keystore?

The Question in detail: If I setup JMX over SSL for remote monitoring, which key will the JVM use for the JMX-Session if the JVM-property javax.net.ssl.keyStore points to a keystore that holds multiple keys?

asked Feb 07 '19 at 16:47

shylynx

This question was addressed in 2014 in https://stackoverflow.com/questions/23527426/how-is-the-ssl-client-certificate-chosen-when-there-are-multiple-matching-certif. At the time there was no conclusive solution other than creating your own KeyManager. Don't know for sure thoug if there is out-of-the box support for explicit selection of client certs nowadays. – Christoph Aug 26 '19 at 17:35

JMX: How to select one Key of a Java-Keystore

0 Answers0