Page Comparison

The TLS support uses a keystore file, generated by using the Java standard tool keytool. For further information about keytool, see the JDK product documentation.

TLS is configured with properties that are typically set on the container level. 

The available properties are:

• picopico.rcp.tls.keystore

  Use this property to set keystore path and to enable use of TLS for all RCP connections that are not from the local host. If this property is not set, TLS will not be used. 

  Code Block
  theme language text Eclipse
  $ mzsh topo set 'topo://container:<container>/val:common."pico.rcp.tls.keystore"' <keystore path>

• pico.rcp.tls.keystore.alias
  Use this property if the keystore contains multiple private keys. RCP will prefer to use the key with this keystore alias. If it is not set and the keystore contains more than one private key, it is undefined which key is used.

  Code Block
  language text theme Eclipse
  $ mzsh topo set 'topo://container:<container>/val:common."pico.rcp.tls.keystore.alias"' <alias>

• pico.rcp.tls.keystore.password
  Use this property to set the password for the keystore, as selected in keytool. 

  Code Block
  theme language text Eclipse
  $ mzsh topo set 'topo://container:<container>/val:common."pico.rcp.tls.keystore.password"' \  `mzsh encryptpassword <password>`

• pico.rcp.tls.key.password
  Use this property to set password for the key, as chosen in keytool. By default this is the same as the keystore password. (This is the default for keytool). 

  Code Block
  language text theme Eclipse
  $ mzsh topo set 'topo://container:<container>/val:common."pico.rcp.tls.key.password"' \  `mzsh encryptpassword <password>`

• pico.rcp.tls.require_clientauth
  Use this property if client authentication (two-way authentication) is required. The default value is false.

  Code Block
  language text theme Eclipse
  $ mzsh topo set 'topo://container:<container>/val:common."pico.rcp.tls.require.clientauth"' true