Menu
▾
▴
Re: [Jython-users] Setting javax.net.ssl.keyStore in script
|
From: Stefan R. <Ste...@gm...> - 2017-10-04 15:49:28
|
Erik, this might be related to http://bugs.jython.org/issue2614. Anyway, I think it would be best to file a new issue at http://bugs.jython.org about this. This way it won't get lost. Make sure to provide all info you gave in this email. Best, Stefan > Gesendet: Dienstag, 03. Oktober 2017 um 23:11 Uhr > Von: "erik nord via Jython-users" <jyt...@li...> > An: jyt...@li... > Betreff: [Jython-users] Setting javax.net.ssl.keyStore in script > > I’m trying to set the following in my Jython script: > > System.setProperty("javax.net.ssl.keyStore", "development.jks"); > System.setProperty("javax.net.ssl.keyStorePassword", "changeit"); > System.setProperty("javax.net.ssl.keyStoreType", "jks"); > > System.setProperty("javax.net.ssl.trustStore", "developmentTrusted.jks"); > System.setProperty("javax.net.ssl.trustStorePassword", "changeit"); > System.setProperty("javax.net.ssl.trustStoreType", "jks"); > > System.setProperty("javax.net.debug", "ssl”); > > Which works fine, in the essence of the script. I can even print out the get for each of the properties, and they look proper. When I look into the ssl logs, I see that the trustStore get properly loaded into the JVM: > > trustStore is: developmentTrusted.jks > trustStore type is : jks > trustStore provider is : > init truststore > adding as trusted cert: > ... > > At no point am I seeing the keyStore get loaded into the JVM. When I run this in pure Java, I see the following, which is what is missing from the Jython logs: > > keyStore is : development.jks > keyStore type is : jks > keyStore provider is : > init keystore > ... > > The issue I’m running into is that I’m not able to properly pass client certificates when the script is required to pass a client certificate to an API or load balancer. I get the following exception in my ssl logs: > > *** CertificateRequest > Cert Types: RSA, DSS, ECDSA > Supported Signature Algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA256withDSA, SHA224withECDSA, SHA224withRSA, SHA224withDSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA > Cert Authorities: > <Empty> > *** ServerHelloDone > Warning: no suitable certificate found - continuing without client authentication > *** Certificate chain > <Empty> > *** > > Is there an issue with loading a custom keystore with Jython? What is the proper way to load a custom keystore using Jython? > > I’m using Jython 2.7.1 and Java 1.8. > > Cheers - Erik > . > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Jython-users mailing list > Jyt...@li... > https://lists.sourceforge.net/lists/listinfo/jython-users > |
