Skip to content

KNOX-3316: Support BCFKS truststore download on FIPS environments#1292

Merged
hanicz merged 1 commit into
apache:masterfrom
hanicz:KNOX-3316
Jul 2, 2026
Merged

KNOX-3316: Support BCFKS truststore download on FIPS environments#1292
hanicz merged 1 commit into
apache:masterfrom
hanicz:KNOX-3316

Conversation

@hanicz

@hanicz hanicz commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

KNOX-3316 - Support BCFKS truststore download on FIPS environments

What changes were proposed in this pull request?

  • Homepage now offers BCFKS (instead of JKS) when Knox runs in FIPS mode; JKS on non-FIPS.
  • /metadata/api/v1/metadata/info exposes a new truststoreType field; UI reads it and renders the download link dynamically.
  • Fixed a latent bug in /publicCert: on write failure the endpoint used to try to stream a non-existent file (NoSuchFileException). It now returns 503 with a clear error.
  • Cleaned up getGeneralProxyInformation() to build the DTO via a new fluent GeneralProxyInformation.Builder instead of mid-method mutation.
  • Cleaned up the /metadata/api/v1/metadata/info endpoint to use the new builder

How was this patch tested?

Tested locally with and without FIPS settings. Was able to download BCFKS and JKS respectively.

Integration Tests

N/A

UI changes

BCFKS

Screenshot 2026-07-02 at 9 43 02

JKS

image

@github-actions

github-actions Bot commented Jul 2, 2026

Copy link
Copy Markdown

Test Results

32 tests   32 ✅  3s ⏱️
 1 suites   0 💤
 1 files     0 ❌

Results for commit c8fa9b5.

@hanicz hanicz merged commit 9c000de into apache:master Jul 2, 2026
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants