Frequently Asked Questions
- Why keystore types are supported?
-
Only PKCS12 is supported.
- Why is JKS not supported?
-
JKS is legacy and PKS12 is the default. Checkout JEP 229: Create PKCS12 Keystores by Default for more information.
- What is the default truststore password?
-
There is no default truststore password.
- Is a password required?
-
A password is not required but most tools expect a truststore password. Generating a truststore without a password is supported out of the box on JDK 18+ and requires the following system properties on earlier versions
-Dkeystore.pkcs12.certProtectionAlgorithm=NONE -Dkeystore.pkcs12.macAlgorithm=NONE - Why is attaching not supported?
-
Right now the pulgin does not support attaching a PKCS12 to an existing module, instead a new module has to be created. We feel this is in the philosophy of Maven of having a single artifact per module.
- How can I consume a dependency on a PKCS12 module?
-
A dependency on a PKCS12 module can be consumed like any other Maven dependency. In particular it can be consumed by the Maven Assembly plugin. Check out this example of an assembly descriptor referencing a PKCS12 module.
- Can I create a source JAR containing the certificates?
-
Absolutely you can use the maven-source-plugin to create a source JAR containing the certificates. It should work out of the box without a need to specify a source folder as long as it runs after this plugin.