2

I am in the impression that once I set system properties when I get SSLContext.getDefault() should return me SSLContext with those set properties. In the following case should be with specified keyStore. Unfortunately that's not what is happening. It falls back JVM's default keystore. Am I missing something ?

            System.setProperty("javax.net.ssl.keyStore", "/valida-location/keyStore.jks");
            System.setProperty("javax.net.ssl.keyStorePassword","changeit");
            System.setProperty("sun.security.ssl.allowUnsafeRenegotiation", "true");

            answer = SSLContext.getDefault();
Improve this question
5
  • 1
    What do you get in the logs when you run with -Djavax.net.debug=ssl'? Does it show that it reads /keyStore.jks? Commented Nov 9, 2018 at 22:07
  • keyStore is : keyStore type is : jks keyStore provider is : init keystore init keymanager of type SunX509 trigger seeding of SecureRandom done seeding SecureRandom Allow unsafe renegotiation: false Allow legacy hello messages: true This is what I get in logs @KarolDowbecki Commented Nov 9, 2018 at 22:13
  • Can you re-run with -D properties instead of System.setProperty()? I'm trying to confirm if your keystore location and password is correct. Commented Nov 9, 2018 at 22:53
  • 1
    (1) is this code executed before any other reference to any SSL-related classes by any code in your JVM processs? (It must be.) (2) Is /keyStore.jks really in your system's root directory (or on Windows the drive's)? Commented Nov 10, 2018 at 2:06
  • @dave_thompson_085 please see my answer. Although I tried putting those two properties in my constructor, that too was too late. So, in the end, put that in a static block. Thanks for the hint. Commented Nov 10, 2018 at 14:34

1 Answer 1

Reset to default
1

I think by the time answer = SSLContext.getDefault(); was about to execute, SSLContext related classed were already loaded. I solved it by putting

System.setProperty("javax.net.ssl.keyStore", "/valida-location/keyStore.jks"); System.setProperty("javax.net.ssl.keyStorePassword","changeit"); in static block of my class. That way, there properties were set at the time of class loading. Thanks to @dave_thompson_085 for hint.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.