Client migration to Java sdk 3.0, sslKeystoreFie and password

Hi,
I’m trying to migrate our existing cb client from v2 to 3. (our server is 6.0.1)
For security configuration we use ssl keystore file and ssl keystore password.
How are these params translated to the new v3 security config? I’m not able to find any reference to keystore in the code.
The docs hint that this is moved to CertificateAuthenticator but this is not clear how.

Thanks,
Asher

Hi Asher,

Are you just enabling SSL/TLS, or are you also authenticating the client using a certificate instead of a username & password?

Thanks,
David

Hi David,

Previously we used sslKeystoreFile and password for ssl, user/password for authentication

@ashernave in the next release we brought those APIs back for convenience: https://github.com/couchbase/couchbase-jvm-clients/commit/ecf78c141354bbfca2c4ca8c5eec0fe58a1ecc03

If you don’t want to wait for that you can use the same code that we use internally to build up the factory and supply it.

Something along the lines of

final KeyStore store = KeyStore.getInstance(trustStoreType.orElse(KeyStore.getDefaultType()));
        store.load(
          Files.newInputStream(trustStorePath),
          trustStorePassword != null ? trustStorePassword.toCharArray() : null
        );

final TrustManagerFactory tmf = TrustManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);

and then pass the tmf to the API (https://github.com/couchbase/couchbase-jvm-clients/blob/master/core-io/src/main/java/com/couchbase/client/core/env/SecurityConfig.java#L307) … again in the next version it will remove that boilerplate

Thanks, this is very helpful.
When can I expect the next version be released?

@ashernave currently targeting first tuesday of april. (for the java sdk, we try to do monthly releases on the first tuesday of the month if possible/feasible)