aboutsummaryrefslogtreecommitdiff
path: root/id/server/moa-id-commons/src/main/java/at/gv
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/moa-id-commons/src/main/java/at/gv')
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/MOAIDTrustManager.java37
1 files changed, 30 insertions, 7 deletions
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/MOAIDTrustManager.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/MOAIDTrustManager.java
index beb6cc1c6..dd606ea18 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/MOAIDTrustManager.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/MOAIDTrustManager.java
@@ -58,6 +58,7 @@ import java.util.List;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.Base64Utils;
+import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moaspss.logging.LoggingContext;
import at.gv.egovernment.moaspss.logging.LoggingContextManager;
import iaik.pki.jsse.IAIKX509TrustManager;
@@ -85,10 +86,15 @@ public class MOAIDTrustManager extends IAIKX509TrustManager {
public MOAIDTrustManager(String acceptedServerCertificateStoreURL)
throws IOException, GeneralSecurityException, SSLConfigurationException {
- if (acceptedServerCertificateStoreURL != null)
- buildAcceptedServerCertificates(acceptedServerCertificateStoreURL);
- else
- acceptedServerCertificates = null;
+ if (acceptedServerCertificateStoreURL != null && MiscUtil.isNotEmpty(acceptedServerCertificateStoreURL.trim())) {
+ Logger.info("Initialize SSL-TrustStore with explicit accepted server-certificates");
+ buildAcceptedServerCertificates(acceptedServerCertificateStoreURL);
+
+ } else {
+ Logger.info("Initialize SSL-TrustStore without explicit accepted server-certificates");
+ acceptedServerCertificates = null;
+
+ }
}
@@ -119,9 +125,26 @@ public class MOAIDTrustManager extends IAIKX509TrustManager {
throws IOException, GeneralSecurityException, SSLConfigurationException {
List<X509Certificate> certList = new ArrayList<X509Certificate>();
URL storeURL = new URL(acceptedServerCertificateStoreURL);
+
+ //check URL to TrustStore
+ if (storeURL.getFile() == null) {
+ Logger.error("Can NOT initialize SSLTrustManager. TrustStore: " + acceptedServerCertificateStoreURL
+ + " is NOT found");
+ throw new SSLConfigurationException("config.29", new Object[]{acceptedServerCertificateStoreURL, "File or Directory NOT found!"});
+
+ }
File storeDir = new File(storeURL.getFile());
- // list certificate files in directory
- File[] certFiles = storeDir.listFiles();
+
+ //check directory and files
+ if (storeDir == null || storeDir.listFiles() == null) {
+ Logger.error("Can NOT initialize SSLTrustManager. TrustStore: " + acceptedServerCertificateStoreURL
+ + " is NOT found");
+ throw new SSLConfigurationException("config.29", new Object[]{acceptedServerCertificateStoreURL, "Files or Directory NOT found!"});
+
+ }
+
+ // list certificate files in directory
+ File[] certFiles = storeDir.listFiles();
for (int i = 0; i < certFiles.length; i++) {
// for each: create an X509Certificate and store it in list
File certFile = certFiles[i];
@@ -148,7 +171,7 @@ public class MOAIDTrustManager extends IAIKX509TrustManager {
}
}
- throw new SSLConfigurationException("", new Object[]{certFile.getPath(), e.getMessage()}, e);
+ throw new SSLConfigurationException("config.28", new Object[]{certFile.getPath(), e.getMessage()}, e);
} finally {
if (fis != null)