svn commit: r1715732 - /tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java

Sun, 22 Nov 2015 22:43:20 -0800 

Author: jfclere
Date: Mon Nov 23 06:43:01 2015
New Revision: 1715732

URL: http://svn.apache.org/viewvc?rev=1715732&view=rev
Log:
Add the JSSE one.

Modified:
    tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java

Modified: tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java?rev=1715732&r1=1715731&r2=1715732&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java 
(original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java Mon 
Nov 23 06:43:01 2015
@@ -16,11 +16,15 @@
  */
 package org.apache.tomcat.util.net.openssl;
 
+import java.io.FileInputStream;
+import java.io.InputStream;
+import java.security.KeyStore;
 import java.util.List;
 
 import javax.net.ssl.KeyManager;
 import javax.net.ssl.SSLSessionContext;
 import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactory;
 
 import org.apache.tomcat.util.net.SSLContext;
 import org.apache.tomcat.util.net.SSLHostConfig;
@@ -54,10 +58,40 @@ public class OpenSSLUtil implements SSLU
         return managers;
     }
 
+    /* In fact we can use the JSSE one for the moment */
     @Override
     public TrustManager[] getTrustManagers() throws Exception {
-        return null;
+       String storefile = System.getProperty("java.home") + 
"/lib/security/cacerts";
+        String password = "changeit";
+        String type = "jks";
+        String provider = null;
+        if (sslHostConfig.getTruststoreFile() != null) {
+               storefile = sslHostConfig.getTruststoreFile();
+        }
+        if (sslHostConfig.getTruststorePassword() != null) {
+               password = sslHostConfig.getTruststorePassword();
+        }
+        if (sslHostConfig.getTruststoreType() != null) {
+               type = sslHostConfig.getTruststoreType();
+        }
+        if (sslHostConfig.getTruststoreProvider() != null) {
+               provider = sslHostConfig.getTruststoreProvider();
+        }
+
+        TrustManagerFactory factory;
+        if (provider == null)
+           factory = 
TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+        else
+               factory = TrustManagerFactory.getInstance(provider);
+        
+       KeyStore keystore = KeyStore.getInstance(type);
+       InputStream stream = new FileInputStream(storefile);
+       keystore.load(stream, password.toCharArray());
+               factory.init(keystore);
+       TrustManager[] managers = factory.getTrustManagers();
+        return managers;
     }
+    
 
     @Override
     public void configureSessionContext(SSLSessionContext sslSessionContext) {



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to