[
https://issues.jboss.org/browse/JBREM-1306?page=com.atlassian.jira.plugin...
]
Ron Sigal commented on JBREM-1306:
----------------------------------
There is a new configuration parameter:
org.jboss.remoting.transport.http.ssl.HTTPSClientInvoker.USE_DEFAULT_SSL_SOCKET_FACTORY
(actual value "useDefaultSslSocketFactory"). If it is set to true, then
HTTPSClientInvoker.createSocketFactory() will call
HttpsURLConnection.getDefaultSSLSocketFactory() instead of trying to build a
SocketFactory.
Unit test:
org.jboss.test.remoting.transport.http.ssl.socketfactory.DefaultSocketFactoryTestCase.
Waiting for results in jenkins.
Remoting tries to create SSLSocketFactory even when not desired
---------------------------------------------------------------
Key: JBREM-1306
URL:
https://issues.jboss.org/browse/JBREM-1306
Project: JBoss Remoting
Issue Type: Bug
Security Level: Public(Everyone can see)
Affects Versions: 2.2.4, 2.5.4.SP3
Reporter: Kyle Lape
Assignee: Ron Sigal
Priority: Minor
Fix For: 2.2.4.SP1, 2.5.4.SP4
Running the following code is an alternative way to set the keystore/truststore in a
remoting client:
{noformat}
KeyStore ksTrust = KeyStore.getInstance("JKS");
ksTrust.load(new FileInputStream("testTrust"), passphrase);
TrustManagerFactory tmf =
TrustManagerFactory.getInstance("SunX509");
tmf.init(ksTrust);
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, tmf.getTrustManagers(), null);
HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
{noformat}
When this code is added, Remoting should not try to create its own {{SSLSocketFactory}}.
Currently there is no way to tell Remoting to not try. This causes a confusing ERROR
message:
{noformat}
Error creating SSL Socket Factory for client invoker: Error initializing socket factory
SSL context: Can not find truststore url.
{noformat}
After this message is logged, the client still works because it falls back to the default
{{SSLSocketFactory}} (that was already set).
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see:
http://www.atlassian.com/software/jira