Uploaded image for project: 'CXF'
  1. CXF
  2. CXF-7763

SSLUtils.configureKeyManagersWithCertAlias modifies keyManagers array

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 3.2.4
    • Fix Version/s: 3.2.6, 3.1.17
    • Component/s: Core
    • Labels:
      None
    • Environment:

      Windows 2012 R2

      Tomcat 8.5.31

      Oracle JDK 1.8.0_171

    • Estimated Complexity:
      Unknown

      Description

      In needed to connect to a web service as several different users and the web service uses a client certificate for authentication. I created separate proxies with different TLSClientParameters for every user, passing in the same trustManagers and keyManagers and a different certAlias.

      This doesn't work, because SSLUtils.configureKeyManagersWithCertAlias modifies the keyManagers array, so it can only be used for a single proxy.

      IMHO SSLUtils.getSSLContext should make a COPY of parameters.getKeyManagers() before passing it to configureKeyManagersWithCertAlias.

      If you don't plan to fix this, then at least mention this in the documentation!

        Attachments

          Activity

            People

            • Assignee:
              coheigea Colm O hEigeartaigh
              Reporter:
              condor M.H. Avegaart
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: