aboutsummaryrefslogtreecommitdiff
path: root/id/server/modules/moa-id-module-AT_eIDAS_connector
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2019-02-04 08:58:10 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2019-02-04 08:58:10 +0100
commita917335ea69ab857f00bd17679e259fcc215cad9 (patch)
tree2aff94e138b0a88d68e10a057071a7cd289978f1 /id/server/modules/moa-id-module-AT_eIDAS_connector
parent9ddeacf32976d14c3f2f70ec446262998eb8a68e (diff)
downloadmoa-id-spss-a917335ea69ab857f00bd17679e259fcc215cad9.tar.gz
moa-id-spss-a917335ea69ab857f00bd17679e259fcc215cad9.tar.bz2
moa-id-spss-a917335ea69ab857f00bd17679e259fcc215cad9.zip
update SSLUtils to use default JVM trustStore for SSL connections as optional
Diffstat (limited to 'id/server/modules/moa-id-module-AT_eIDAS_connector')
-rw-r--r--id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/utils/EidasCentralAuthMetadataProvider.java4
1 files changed, 3 insertions, 1 deletions
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/utils/EidasCentralAuthMetadataProvider.java b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/utils/EidasCentralAuthMetadataProvider.java
index 5cee90658..cd3f1f788 100644
--- a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/utils/EidasCentralAuthMetadataProvider.java
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/utils/EidasCentralAuthMetadataProvider.java
@@ -322,7 +322,9 @@ public class EidasCentralAuthMetadataProvider extends SimpleMetadataProvider
try {
//FIX: change hostname validation default flag to true when httpClient is updated to > 4.4
MOAHttpProtocolSocketFactory protoSocketFactory = new MOAHttpProtocolSocketFactory(
- PVPConstants.SSLSOCKETFACTORYNAME,
+ PVPConstants.SSLSOCKETFACTORYNAME,
+ moaAuthConfig.getBasicMOAIDConfigurationBoolean(
+ AuthConfiguration.PROP_KEY_SSL_USE_JVM_TRUSTSTORE, false),
moaAuthConfig.getTrustedCACertificates(),
null,
AuthConfiguration.DEFAULT_X509_CHAININGMODE,