JSSE KeyManagers and TrustManager XML configurations are ignored if they contain no keystore element.

The XSD for JSSE KeyManagers and TrustManagers allows them to not include a keystore (or certstore) element (which is correct). However the configured key and trust manager configurations are ignored and not applied if they contain no keystore configuration element (see TLSParameterJaxBUtils.java:239 and TLSParameterJaxBUtils.java:275).

For a Trust- or KeyManager to not require a keystore configuration is a valid scenario. I'm currently using a JCE provider that does not require a keystore. With the current implementation I can not use this provider with the XML configuration feature. If I set the key and trust managers of this provider manually in the TLSClientParametersConfig using java code it works as expected.