Allow trust and identitystores to be of different type


The type of certificate stores that are either used for 'trust' of 'identity' is currently already configurable (it defaults to 'jks', which is expected to be used by the vast majority of Openfire instances, as that's the type used for the keystore files that ship with Openfire). For each connection type, a setting can be set that affects the type of both the truststore as well as identitystore of that connection type.

To allow for more flexibility, a configuration option should be added that allows the identity store and trust store to have different types.

Although this appears overkill at first (which is likely why this level of granularity wasn't included up until now), this configuration option can be used to leverage a Windows-specific feature of JVMs: by configurating the type of "Windows-ROOT" and "Windows-MY" for trust stores, respectively identity stores, Openfire, in theory, could integrate with the Windows-provided certificate stores.




Guus der Kinderen


Guus der Kinderen