[jboss-remoting-issues] [JBoss JIRA] Commented: (JBREM-1172) SSLSocketBuilder should allow keystore and truststore URLs to be "NONE"

Ron Sigal (JIRA) jira-events at lists.jboss.org
Thu Dec 24 21:17:30 EST 2009 

    [ https://jira.jboss.org/jira/browse/JBREM-1172?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12501623#action_12501623 ] 

Ron Sigal commented on JBREM-1172:
----------------------------------

When SSLSocketBuilder gets a URL string of "NONE" of none for a keystore or truststore, it now creates and initializes the store, but it does not attempt to read values from a file.

Unit test:  org.jboss.test.remoting.ssl.emptystore.EmptyStoreTestCase .

The changes have been applied to branches 2.2 and 2.x.

Waiting for hudson results.

> SSLSocketBuilder should allow keystore and truststore URLs to be "NONE"
> -----------------------------------------------------------------------
>
>                 Key: JBREM-1172
>                 URL: https://jira.jboss.org/jira/browse/JBREM-1172
>             Project: JBoss Remoting
>          Issue Type: Bug
>      Security Level: Public(Everyone can see) 
>    Affects Versions: 2.2.3.SP1, 2.5.2 (Flounder)
>            Reporter: Ron Sigal
>            Assignee: Ron Sigal
>             Fix For: 2.2.3.SP2, 2.5.2.SP1 (Flounder)
>
>
> Some Java Cryptography Extension (JCE) providers support hardware based key and truststores, such as PKCS#12 Smartcards.  Rather than specify URLs for keystores and truststores, the Java Secure Socket Extension (JSSE)
> Reference Guide (http://java.sun.com/j2se/1.5.0/docs/guide/security/jsse/JSSERefGuide.html) specifies that string "NONE" should be used.  org.jboss.remoting.security.SSLSocketBuilder is unable to handler "NONE", and it throws a NullStoreURLException if no keystore or truststore (in the case that a truststore is necessary) is configured.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-remoting-issues mailing list