Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 345658

Summary: SslContextFactory#getKeyStore method assumes a file-based Java keystore
Product: [RT] Jetty Reporter: Chad La Joie <clajoie>
Component: serverAssignee: Michael Gorovoy <mgorovoy>
Status: CLOSED DUPLICATE QA Contact:
Severity: normal    
Priority: P3 CC: gregw, gunnar, jetty-inbox, mgorovoy
Version: unspecified   
Target Milestone: 7.2.x   
Hardware: PC   
OS: Mac OS X - Carbon (unsup.)   
Whiteboard:

Description Chad La Joie CLA 2011-05-12 16:09:39 EDT
Build Identifier: 7.3.1

SslContextFactory#getKeyStore method assumes that the keystore data is going to be coming from a file.  In most cases this is true, however if you are using a PKCS11 keystore or wish to construct a keystore from plain old PEM encoded files this isn't going to work.  A better approach would be to either have getter/setter methods for the keystore and truststore (and provide a few implementations that support different types of sources) or getKeystore and getTruststore methods that could be overridden within a subclass to do the appropriate thing.  I recommend the former.

Reproducible: Always
Comment 1 Michael Gorovoy CLA 2011-05-12 20:44:09 EDT

*** This bug has been marked as a duplicate of bug 345679 ***
Comment 2 Michael Gorovoy CLA 2011-05-12 20:46:46 EDT
I've created an enhancement ticket with a slightly bigger scope that matches the changes that I am going to commit.