I am under the impression that once I set system properties, SSLContext.getDefault() should return an SSLContext with those properties set. In the following case, it should be one with the specified keyStore. Unfortunately, that's not what is happening. It falls back to the JVM's default keystore. Am I missing something?

            System.setProperty("javax.net.ssl.keyStore", "/valida-location/keyStore.jks");
            System.setProperty("javax.net.ssl.keyStorePassword","changeit");
            System.setProperty("sun.security.ssl.allowUnsafeRenegotiation", "true");

            answer = SSLContext.getDefault();
Sagar
  • What do you get in the logs when you run with `-Djavax.net.debug=ssl`? Does it show that it reads `/keyStore.jks`? – Karol Dowbecki Nov 09 '18 at 22:07
  • `keyStore is : keyStore type is : jks keyStore provider is : init keystore init keymanager of type SunX509 trigger seeding of SecureRandom done seeding SecureRandom Allow unsafe renegotiation: false Allow legacy hello messages: true` This is what I get in logs @KarolDowbecki – Sagar Nov 09 '18 at 22:13
  • Can you re-run with `-D` properties instead of `System.setProperty()`? I'm trying to confirm if your keystore location and password are correct. – Karol Dowbecki Nov 09 '18 at 22:53
  • (1) Is this code executed before any other reference to any SSL-related classes by any code in your JVM process? (It must be.) (2) Is `/keyStore.jks` really in your system's root directory (or on Windows the drive's)? – dave_thompson_085 Nov 10 '18 at 02:06
  • @dave_thompson_085 please see my answer. Although I tried putting those two properties in my constructor, that too was too late. So, in the end, put that in a static block. Thanks for the hint. – Sagar Nov 10 '18 at 14:34

1 Answer

I think by the time `answer = SSLContext.getDefault();` was about to execute, SSLContext-related classes were already loaded. I solved it by putting

    System.setProperty("javax.net.ssl.keyStore", "/valida-location/keyStore.jks");
    System.setProperty("javax.net.ssl.keyStorePassword","changeit");

in a static block of my class. That way, these properties were set at the time of class loading. Thanks to @dave_thompson_085 for the hint.

Sagar
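
An added example, not code from the question or the answer: the default context is created once, on first use, from the `javax.net.ssl.*` values present at that moment, so building the `SSLContext` explicitly from the keystore removes the dependence on ordering. The class name, the `fromKeyStore` helper and the command-line arguments are assumptions made for illustration, and the key password is assumed to equal the store password.

```java
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;

public class ExplicitKeyStoreContext {

    // Hypothetical helper: builds an SSLContext whose key material comes from
    // the given JKS file, regardless of when (or whether) system properties were set.
    static SSLContext fromKeyStore(String path, char[] password) throws Exception {
        KeyStore ks = KeyStore.getInstance("JKS");
        try (InputStream in = Files.newInputStream(Paths.get(path))) {
            ks.load(in, password); // throws if the file is missing or the password is wrong
        }
        KeyManagerFactory kmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, password); // assumption: key password == store password
        SSLContext ctx = SSLContext.getInstance("TLS");
        // null trust managers and null SecureRandom select the JVM defaults
        ctx.init(kmf.getKeyManagers(), null, null);
        return ctx;
    }

    public static void main(String[] args) throws Exception {
        if (args.length != 2) {
            System.err.println("usage: ExplicitKeyStoreContext <keystore.jks> <password>");
            return;
        }
        // The default context is cached: setting properties after the first
        // getDefault() call does not produce a new context.
        SSLContext first = SSLContext.getDefault();
        System.setProperty("javax.net.ssl.keyStore", args[0]);
        System.setProperty("javax.net.ssl.keyStorePassword", args[1]);
        SSLContext second = SSLContext.getDefault();
        System.out.println("same default after setProperty: " + (first == second));

        // Explicit construction works at any point in the program's lifetime.
        SSLContext ctx = fromKeyStore(args[0], args[1].toCharArray());
        SSLContext.setDefault(ctx); // optional: make it the process-wide default
        System.out.println("default replaced: " + (SSLContext.getDefault() == ctx));
    }
}
```

Passing the password as an argument keeps the example short; code that only needs the context for its own connections can skip `SSLContext.setDefault` and use `ctx.getSocketFactory()` directly.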