We want migrate our java applications to Quarkus. We using AWS Secret Manager.
Is there any aws secret manager extension or solutions in Quarkus to read credentials from AWS Sectret manager.
There isn't currently.
See https://github.com/quarkusio/quarkus/tree/main/extensions and https://github.com/quarkusio/quarkus/tree/main/extensions/amazon-services for the list of Amazon related extensions
We are considering moving our workloads to Azure. As applications move to Azure they will need to continue to communicate with on-premises workloads using IBM MQ (for some foreseeable future).
I did see this: Storing and retriveing a JKS from Azure key vault but we do not want to package the jks with the application and would like to replace the functionality by Azure KeyVault service.
Has anyone tried using the keyvault as the key and trusted store or can share some guidance on implementing this?
Similar to SSL enabling in Tomcat Windows server question, how do I configure NGINX/OpenResty to use/trust Windows certificate store (especially the authorities)?
One option is to use some kind of NGINX plugin based on NSS (Network Security Services). I've actually found a repository for it here, but no sure I can use it.
Are there any other solutions?
I have set up an WSO2 Identity server in an EC2 instance. I have mapped the carbon.xml entries to this EC2 instance. The WSO2 server is starting up in that IP without any errors.But when i access it , i get a strange SSL error .ideally SSL warning should be coming since i am using WSO2 provided certificates itself and i can go on bypassing it.This is for sample environment so i am not planning to buy certificates
But this error is totally different and there is no way to bypass it.
The error in chrome says
50.200.189.207 uses an unsupported protocol.
ERR_SSL_VERSION_OR_CIPHER_MISMATCH
Unsupported protocol
The client and server don't support a common SSL protocol version or cipher suite.
I am unable to get rid of this.What could be the cause?
Some environments may have (mis)configured already unsupported ciphers (I had this issue on AWS Linux with OpenJDK as well, not on CentOS with Oracle JDK).
I suggest you to read WSO2 CARBON Configuring TLS
long story short:
open $WSO2IS/repository/conf/tomcat/catalina-server.xml
Locate Connector for TLS (port 9443 with sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" )
add property: ciphers="TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"
note: please read the documentation for exact values of the cipher property
And indeed, Oracle JDK is recommended for WSO2 products (as noted in the comments), the JDK vendors may differ in supported ciphers
If it doesn't work, let me know, I will post exactly what I've used for other projects
I want to develop a object storage appliaction using ceph. Official client library include java/c++/php/python but exclude golang. Our team use golang as primary develop language and mac osx as default develop environment.
go-ceph is a golang client for ceph, but it requires libredos, but I don't know how to install librados on maxos.
thanks you~
Find a simple APIs to access any Amazon S3 compatible object storage: Minio Go Client SDK for Amazon S3 Compatible Cloud.
Do not need to install a client on osx.
thanks.