Is it possible to configure SSL with PEM certificate types?
Hi all, I'm new to this group and currently working getting an implementation of Gremlin (Aerospike Graph) to listen over SSL.
The certificates we get from our provider's API are only served in PEM format. It appears, according to the documentation that the
Is this true? Is there any way for us to configure SSL with PEM format certificates?
The error message when I attempt to set
The certificates we get from our provider's API are only served in PEM format. It appears, according to the documentation that the
keyStoreType and trustStoreType either JKS or PKCS12 format: https://tinkerpop.apache.org/javadocs/current/full/org/apache/tinkerpop/gremlin/server/Settings.SslSettings.htmlIs this true? Is there any way for us to configure SSL with PEM format certificates?
The error message when I attempt to set
keyStoreType or trustStoreType to PEM makes it appear as though it's defaulting to PKCS12.Solution
Hi @joshb, am I correct in assuming you are using the Java driver to connect to Aerospike? The java driver uses the JSSE keyStore and trustStore, which as far as I understand does not support the PEM format. You may be able to use a 3rd party tool such as openssl to convert from PEM to PKCS12 (https://docs.openssl.org/1.1.1/man1/pkcs12/).
Perhaps @aerospike folks may have more direct recommendations for driver configuration.
Perhaps @aerospike folks may have more direct recommendations for driver configuration.
