Details
- Bug
- Status: Resolved
- Major
- Resolution: Fixed
- 0.3.0
- None
Description
Consider a one-way SSL connection to an HTTPS endpoint. We might want to specify a truststore to talk with that endpoint but not a keystore.
The problem stems from the following method:
```java
private SSLContext createSSLContext(final SSLContextService service)
        throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException,
               KeyManagementException, UnrecoverableKeyException {
    final KeyStore truststore = KeyStore.getInstance(service.getTrustStoreType());
    try (final InputStream in = new FileInputStream(new File(service.getTrustStoreFile()))) {
        truststore.load(in, service.getTrustStorePassword().toCharArray());
    }

    final KeyStore keystore = KeyStore.getInstance(service.getKeyStoreType());
    try (final InputStream in = new FileInputStream(new File(service.getKeyStoreFile()))) {
        keystore.load(in, service.getKeyStorePassword().toCharArray());
    }

    final SSLContext sslContext = SSLContexts.custom()
            .loadTrustMaterial(truststore, new TrustSelfSignedStrategy())
            .loadKeyMaterial(keystore, service.getKeyStorePassword().toCharArray())
            .build();
    return sslContext;
}
```
In this case there are no keystore properties, causing this process to fail.
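For illustration, one way to make the key material optional for one-way SSL. This is an added example, not the fix that was committed for this issue and not NiFi code. It uses only the standard JSSE classes instead of the HttpClient SSLContexts builder, validates the server against the truststore with the default trust manager (no TrustSelfSignedStrategy), and the class name, method names and parameters are assumptions.

```java
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

// Hypothetical helper class; names and parameters are assumptions for this example.
public final class OptionalKeyStoreSslContext {

    /** Loads a keystore or truststore file of the given type. */
    static KeyStore load(String file, String type, char[] password)
            throws GeneralSecurityException, IOException {
        KeyStore store = KeyStore.getInstance(type);
        try (InputStream in = new FileInputStream(file)) {
            store.load(in, password);
        }
        return store;
    }

    /**
     * The truststore is always required, because the client must authenticate the server.
     * Key material is loaded only when a keystore file is configured, so a one-way SSL
     * client can be built from truststore properties alone.
     */
    static SSLContext create(String trustFile, String trustType, char[] trustPass,
                             String keyFile, String keyType, char[] keyPass)
            throws GeneralSecurityException, IOException {
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(load(trustFile, trustType, trustPass));

        KeyManager[] keyManagers = new KeyManager[0]; // no client certificate is offered
        if (keyFile != null && !keyFile.isEmpty()) {
            KeyManagerFactory kmf =
                    KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            kmf.init(load(keyFile, keyType, keyPass), keyPass);
            keyManagers = kmf.getKeyManagers();
        }

        SSLContext context = SSLContext.getInstance("TLS");
        context.init(keyManagers, tmf.getTrustManagers(), null);
        return context;
    }
}
```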
Issue Links
- is related to: NIFI-700 GetHTTP, ListenHTTP, and PostHTTP should be migrated to use SSLContextService fully (Resolved)