Created attachment 25599 [details] patch to solve problem including new junit test When iterating the certificates in a KeyStoreResolver, the iterator might return null even though hasNext() says there are more elements. This happens because hasNext() only checks if there are more aliases. If the next alias contains a symmetric key, there is no certificate in the KeyStore entry and next() returns null. When you look at the KeyResolvers, they are not prepared to handle a null value, this will cause a NullPointerException. To reproduce, use the junit KeyStoreResolverTest in the attachment.
Thanks for the patch, I'll take a look. Colm.
This patch has a bug in the implementation of next() because it never returns NoSuchElementException. See an improvement in the incremental patch attached to Bug 49450.
Patch applied, thanks. Colm.