Approvals: 0/1
[00:40:25] <xkr47> temporal_, https://gist.github.com/xkr47/457fd13c45bd84764fcd80151f19ffa3
[00:40:39] <xkr47> totally untested.. COMPILES!
[00:41:07] <temporal_>
[00:41:11] <temporal_> does it pass a test ?
[00:41:46] <xkr47> that depedns on the test lol
[00:42:04] <temporal_> getCertificateChain(hostname)
[00:42:21] <temporal_> which certificate does it return ?
[00:42:47] <xkr47> whatever the SunX509KeyManagerImpl provides
[00:43:10] <xkr47> SunX509KeyManagerImpl.X509Credentials var2 = (SunX509KeyManagerImpl.X509Credentials)this.credentialsMap.get(var1);
[00:43:13] <xkr47> return var2 == null?null:(X509Certificate[])var2.certificates.clone();
[00:43:44] <temporal_> it uses alias
[00:43:56] <temporal_> javadoc says
[00:43:57] <temporal_> getCertificateChain(String alias)
[00:44:01] <temporal_> Returns the certificate chain associated with the given alias.
[00:44:06] <temporal_> so it uses keystore aliases
[00:44:19] <temporal_> so this actually can be implemented only with keystore I think
[00:44:26] <temporal_> and no pem support
[00:44:47] <temporal_> for pem a mapping would be needed
[00:45:06] <xkr47> you mean when you have cert & key as separate pem files?
[00:47:01] <temporal_> no
[00:47:28] <temporal_> I mean that on server we support keystore / pkcs12 and / privatekey+cert as pem
[00:47:42] <temporal_> keystore provides several entries with alias
[00:47:54] <temporal_> but in case of pem : there is only one single file
[00:48:08] <temporal_> I find convenient to map sni server name on keystore alias
[00:48:24] <xkr47> hmmkay
[00:48:25] <temporal_> but in case of pem there is no mapping and one should provide a map or something like that
[00:48:37] <temporal_> but maybe it's enough to just support for keystore
[00:48:40] <temporal_> I don't know
[00:48:46] <temporal_> just brainstorming
[00:48:55] <xkr47> currently the KeyCert inner class in KeyStoreHelper doesn't add any aliases when it loads the PEMs
[00:49:29] <xkr47> since that obviously wasn't needed
[00:50:03] <xkr47> how about a KeyStoreBuilder..
[00:50:48] <xkr47> new KeyStoreBuilder().addPem(cert1, key1).addPem(cert2, key2, aliasMap2).addKeyStoreFile(“foo.jks”).build()
[00:51:11] <temporal_> it would rather be named
[00:51:13] <xkr47> now when it comes to PKCS12 vs JKS keystores I have _NO_ idea what the difference is
[00:51:18] <temporal_> KeyCertBuilder
[00:51:22] <temporal_> the damn format!
[00:51:31] <xkr47> is there in-memeory differencies?
[00:51:39] <temporal_> no it's the same in memory
[00:51:43] <xkr47> sure I knew the disk files differed, duh :D
[00:51:49] <xkr47> ok
[00:51:56] <temporal_> at the end of the day in memory it's just cert and keys
[00:52:22] <xkr47> I thought aliases etc
[00:52:27] <xkr47> but ok it's the same
[00:53:04] <xkr47> sooo did your name suggestion include a hint that you didn't totally dislike my idea?
[00:53:06] <temporal_> I hope that having anyway the getKeyManagerFactory in KeyCertOptions provide enough flexilibyt
[00:53:12] <temporal_> no
[00:53:23] <xkr47> doh
[00:53:27] <temporal_> I don't think we have to support it for pem if it works for keystore
[00:53:31] <temporal_> and add new complexity
[00:53:51] <temporal_> I'm curious to know if your solution works
[00:53:53] <temporal_> at least
[00:53:57] <xkr47> me too
[00:54:09] <temporal_> because it seems the minimal path on the server to provide the feature
[00:54:19] <temporal_> I'm gong to bed
[00:54:22] <temporal_> it's late here !
[00:54:26] <xkr47> 01:54 here
[00:54:32] <xkr47> wife, kids asleep
[00:54:37] <xkr47> best time ever to do this
[00:54:47] <xkr47> how about you?
[00:54:50] <temporal_> 1am
[00:54:58] <xkr47> and thanks for staying with me
[00:54:58] <temporal_> tomorrow morning won't be best time ever tho
[00:55:08] <temporal_> well I was fixing things in the build :)
[00:55:32] <xkr47> I appreciate your dishonesty
[00:55:33] <xkr47> :D
[00:55:38] <xkr47> good night
[00:55:40] <temporal_> bye
[00:57:10] * ChanServ sets mode: +o temporalfox [09:28:36] * ChanServ sets mode: +o temporal_
[12:22:30] * ChanServ sets mode: +o temporalfox [19:11:29] <xkr47_> temporalfox, how's the bugfixing going? I just wanted to wish best of luck! [21:18:35] * ChanServ sets mode: +o temporal_
[21:30:27] <rbkrishna> Hello :)
[21:31:15] <rbkrishna> I am interested in this issue: Rewrite consumer sync ( https://github.com/vert-x3/vertx-kafka-client/issues/1 )
[21:31:27] <rbkrishna> Can someone guide me through it?
[23:26:40] *** ChanServ sets mode: +o temporalfox