We have a .Net WCF service hosted on a Windows 2013 server. The SSL certificate for the service which is exposed via HTTPS was nearing expiration. An updated certificate was generated and applied to the server.
All of our .Net client applications continued to function as normal, but our Java-based applications began malfunctioning. I am told that the server administrators must manually go onto those boxes and update the Java keystores with the newly updated certificate.
This blows me away, if true. All web browsers, .Net applications, etc... handled the SSL certificate change with no issue. How do you prevent issues like this with a Java keystore in the future when the certificate is eventually updated again? Is there any way to have the keystore be more "dynamic" in this regard?
Aucun commentaire:
Enregistrer un commentaire