Connecting to Couchbase over SSL without providing a Keystore

davemeetsworld · January 30, 2017, 5:00pm

I am writing a Java application that communicates with Couchbase over SSL. I followed the guide at the link below.

https://developer.couchbase.com/documentation/server/current/sdk/java/managing-connections.html

The code snippet extracted from the article shows the environment file being created, SSL enabled and then a KeyStore being passed in.

KeyStore myKeystore = loadKeystore();

CouchbaseEnvironment env = DefaultCouchbaseEnvironment.builder()
    .sslEnabled(true)
    .sslKeystore(myKeystore)
    .build();

The Key i want to use to connect to couchbase is already in the default keystore of my jvm. Is there a way to just have the couchbase Environment file use that store instead and not have to pass one in at all?

daschl · January 30, 2017, 6:28pm

Can’t you just link the default keystore of your jvm?

davemeetsworld · January 31, 2017, 9:49am

I can do that, but there are some complications as the location isn’t always the same depending on my environment.

When making https calls from other libraries it is enough that the signature is present in the keystore of the jvm, so i was curious if there was a way to make this happen with the couchbase SDK.

daschl · January 31, 2017, 12:39pm

As far as I know there is no easy way to find out the location of the used keystore (if you know one let me know), which makes it quite hard for built-in functionality. In your application what you can think of is passing the location from a system property then your app is standardized across environments and you just change the property.

davemeetsworld · February 2, 2017, 12:30pm

Hi, thanks for your response and suggestions. I think i am actually misunderstanding what they key store is used for in this context.