Client Certificate success!
Finally! Mylyn is working in conjunction with encrypted client certificates. I started to think that this was impossible, as the server admins also have been fighting with client certificates in Java. But during my search on the Internet, I came across this page, which seemed to imply that the Java browser plugin supported PKCS12 keystores:
Once you have the plugin control panel open, go to the Advanced tab. At the bottom of the pane is a window for entering run-time parameters for the plugin. Enter the following text into the run-time parameters window.
-Djavax.net.ssl.keyStore=path to your .pfx file -Djavax.net.ssl.keyStorePassword=password to your .pfx file -Djavax.net.ssl.keyStoreType=PKCS12
Of course, the standard keytool documentation doesn’t give any mention of this and thus you are led to believe that you cannot use a standard PKCS12 certificate as the keystore.
Which, in the end, is exactly what I did. I added the following lines to eclipse.ini:
-Djavax.net.ssl.keyStore=d:\Java\
-Djavax.net.ssl.keyStorePassword=
-Djavax.net.ssl.keyStoreType=PKCS12
And it works:
Which means that I can finally put this quest to rest. Everything works as advertised in Mylyn & Eclipse. The only downside that I found so far has been that I have to use the Trac-Web interface of Mylyn instead of the XML-RPC interface (which is not nor will be supported on our server).
Related posts:
Wow, thank you so much. This saved me a huge amount of time. I’d never figured this out.
Hi,
Glad to hear that it’s working for you as well! It was bugging me to no end. Lets hope that with future versions of Eclipse we won’t have to jump through so many hoops anymore.