From a917335ea69ab857f00bd17679e259fcc215cad9 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Mon, 4 Feb 2019 08:58:10 +0100
Subject: update SSLUtils to use default JVM trustStore for SSL connections as
 optional

---
 .../moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java          | 4 +++-
 .../egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java   | 4 +++-
 2 files changed, 6 insertions(+), 2 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
index 1fa17c683..4fc37d88f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
@@ -145,7 +145,9 @@ public class MOAMetadataProvider extends AbstractChainingMetadataProvider {
 			try {
 				//FIX: change hostname validation default flag to true when httpClient is updated to > 4.4
 				MOAHttpProtocolSocketFactory protoSocketFactory = new MOAHttpProtocolSocketFactory(
-						PVPConstants.SSLSOCKETFACTORYNAME, 
+						PVPConstants.SSLSOCKETFACTORYNAME,
+						moaAuthConfig.getBasicMOAIDConfigurationBoolean(
+								AuthConfiguration.PROP_KEY_SSL_USE_JVM_TRUSTSTORE, false),
 						moaAuthConfig.getTrustedCACertificates(),
 						null,
 						AuthConfiguration.DEFAULT_X509_CHAININGMODE, 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java
index d7ada1f36..bd908f894 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java
@@ -75,7 +75,9 @@ public class MOASAMLSOAPClient {
 				//FIX: change hostname validation default flag to true when httpClient is updated to > 4.4
 				SecureProtocolSocketFactory sslprotocolsocketfactory = 
 						new MOAHttpProtocolSocketFactory(
-								PVPConstants.SSLSOCKETFACTORYNAME,  
+								PVPConstants.SSLSOCKETFACTORYNAME,
+								AuthConfigurationProviderFactory.getInstance().getBasicMOAIDConfigurationBoolean(
+										AuthConfiguration.PROP_KEY_SSL_USE_JVM_TRUSTSTORE, false),
 								AuthConfigurationProviderFactory.getInstance().getTrustedCACertificates(),
 								null,
 								AuthConfigurationProviderFactory.getInstance().getDefaultChainingMode(), 
-- 
cgit v1.2.3