diff options
author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2019-02-04 08:58:10 +0100 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2019-02-04 08:58:10 +0100 |
commit | a917335ea69ab857f00bd17679e259fcc215cad9 (patch) | |
tree | 2aff94e138b0a88d68e10a057071a7cd289978f1 /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util | |
parent | 9ddeacf32976d14c3f2f70ec446262998eb8a68e (diff) | |
download | moa-id-spss-a917335ea69ab857f00bd17679e259fcc215cad9.tar.gz moa-id-spss-a917335ea69ab857f00bd17679e259fcc215cad9.tar.bz2 moa-id-spss-a917335ea69ab857f00bd17679e259fcc215cad9.zip |
update SSLUtils to use default JVM trustStore for SSL connections as optional
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java index 611dff3b1..6bf44a527 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java @@ -61,6 +61,7 @@ import javax.net.ssl.SSLSocketFactory; import org.apache.regexp.RE; import org.apache.regexp.RESyntaxException; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.api.ConfigurationProvider; import at.gv.egovernment.moa.id.commons.api.ConnectionParameterInterface; import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; @@ -93,6 +94,10 @@ public class SSLUtils { ConfigurationProvider conf, String url ) throws IOException, GeneralSecurityException, ConfigurationException, PKIException { + boolean useStandardJavaTrustStore = conf.getBasicMOAIDConfigurationBoolean( + AuthConfiguration.PROP_KEY_SSL_USE_JVM_TRUSTSTORE, + false); + // else create new SSLSocketFactory String trustStoreURL = conf.getTrustedCACertificates(); @@ -107,6 +112,7 @@ public class SSLUtils { try { SSLSocketFactory ssf = at.gv.egovernment.moa.id.commons.utils.ssl.SSLUtils.getSSLSocketFactory( url, + useStandardJavaTrustStore, null, trustStoreURL, acceptedServerCertURL, @@ -148,6 +154,10 @@ public class SSLUtils { ConnectionParameterInterface connParam) throws IOException, GeneralSecurityException, ConfigurationException, PKIException { + boolean useStandardJavaTrustStore = conf.getBasicMOAIDConfigurationBoolean( + AuthConfiguration.PROP_KEY_SSL_USE_JVM_TRUSTSTORE, + false); + // else create new SSLSocketFactory String trustStoreURL = conf.getTrustedCACertificates(); @@ -162,6 +172,7 @@ public class SSLUtils { try { SSLSocketFactory ssf = at.gv.egovernment.moa.id.commons.utils.ssl.SSLUtils.getSSLSocketFactory( connParam.getUrl(), + useStandardJavaTrustStore, null, trustStoreURL, acceptedServerCertURL, |