Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.
Bug 361325 - SslContextFactory#setKeyStore(java.security.KeyStore) is ignored, leading to misleading "no matching ciphers" exceptions
Summary: SslContextFactory#setKeyStore(java.security.KeyStore) is ignored, leading to ...
Status: RESOLVED FIXED
Alias: None
Product: Jetty
Classification: RT
Component: server (show other bugs)
Version: 7.5.3   Edit
Hardware: PC Linux
: P3 normal (vote)
Target Milestone: 7.5.x   Edit
Assignee: Greg Wilkins CLA
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-10-18 23:01 EDT by Marshall Pierce CLA
Modified: 2011-10-19 00:21 EDT (History)
1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Marshall Pierce CLA 2011-10-18 23:01:39 EDT 
SslContextFactory#setKeyStore(java.security.KeyStore) sets the _keyStore field.
That field (among other _keyStore* fields) is used in loadKeyStore(), which is only used in the "you've configured a keystore" of doStart() (L247). However, the "you haven't configured a keystore" branch of doStart() is used mistakenly since L210-211 do not check if _keyStore was set, only if the other _keyStore* fields:

if (_keyStoreInputStream == null && _keyStorePath == null &&
      _trustStoreInputStream == null && _trustStorePath == null )
Comment 1 Greg Wilkins CLA 2011-10-19 00:21:04 EDT 
Allow the KeyStore to be set.
Also allow TrustAll to be set, so if it is false and no keystore and truststore is set, then null is passed and the defaults used.