Menu
▾
▴
[Jython-users] Setting javax.net.ssl.keyStore in script
|
From: erik n. <ek...@ya...> - 2017-10-03 21:11:50
|
I’m trying to set the following in my Jython script:
System.setProperty("javax.net.ssl.keyStore", "development.jks");
System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
System.setProperty("javax.net.ssl.keyStoreType", "jks");
System.setProperty("javax.net.ssl.trustStore", "developmentTrusted.jks");
System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
System.setProperty("javax.net.ssl.trustStoreType", "jks");
System.setProperty("javax.net.debug", "ssl”);
Which works fine, in the essence of the script. I can even print out the get for each of the properties, and they look proper. When I look into the ssl logs, I see that the trustStore get properly loaded into the JVM:
trustStore is: developmentTrusted.jks
trustStore type is : jks
trustStore provider is :
init truststore
adding as trusted cert:
...
At no point am I seeing the keyStore get loaded into the JVM. When I run this in pure Java, I see the following, which is what is missing from the Jython logs:
keyStore is : development.jks
keyStore type is : jks
keyStore provider is :
init keystore
...
The issue I’m running into is that I’m not able to properly pass client certificates when the script is required to pass a client certificate to an API or load balancer. I get the following exception in my ssl logs:
*** CertificateRequest
Cert Types: RSA, DSS, ECDSA
Supported Signature Algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA256withDSA, SHA224withECDSA, SHA224withRSA, SHA224withDSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA
Cert Authorities:
<Empty>
*** ServerHelloDone
Warning: no suitable certificate found - continuing without client authentication
*** Certificate chain
<Empty>
***
Is there an issue with loading a custom keystore with Jython? What is the proper way to load a custom keystore using Jython?
I’m using Jython 2.7.1 and Java 1.8.
Cheers - Erik
.
|