
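--- a/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
+++ b/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
@@ -266,7 +266,15 @@
         if (keystoreFile == null)
             keystoreFile = defaultKeystoreFile;
 
-        return getStore(type, provider, keystoreFile, pass);
+        try {
+            return getStore(type, provider, keystoreFile, pass);
+        } catch (FileNotFoundException fnfe) {
+            throw fnfe;
+        } catch (IOException ioe) {
+            log.error(sm.getString("jsse.keystore_load_failed", type,
+                    keystoreFile, ioe.getMessage()), ioe);
+            throw ioe;
+        }
     }
 
     /*
@@ -316,9 +324,33 @@
             log.debug("trustProvider = " + truststoreProvider);
         }
 
-        if (truststoreFile != null && truststorePassword != null){
-            trustStore = getStore(truststoreType, truststoreProvider,
-                    truststoreFile, truststorePassword);
+        if (truststoreFile != null) {
+            try {
+                trustStore = getStore(truststoreType, truststoreProvider,
+                        truststoreFile, truststorePassword);
+            } catch (FileNotFoundException fnfe) {
+                throw fnfe;
+            } catch (IOException ioe) {
+                // Log a warning that we had a password issue
+                // and re-try, unless the password is null already
+                if (truststorePassword != null) {
+                    log.warn(sm.getString("jsse.invalid_truststore_password"),
+                            ioe);
+                    try {
+                        trustStore = getStore(truststoreType,
+                                truststoreProvider, truststoreFile, null);
+                        ioe = null;
+                    } catch (IOException ioe2) {
+                        ioe = ioe2;
+                    }
+                }
+                if (ioe != null) {
+                    log.error(sm.getString("jsse.keystore_load_failed",
+                            truststoreType, truststoreFile, ioe.getMessage()),
+                            ioe);
+                    throw ioe;
+                }
+            }
         }
 
         return trustStore;
@@ -347,15 +379,19 @@
                 istream = new FileInputStream(keyStoreFile);
             }
 
-            ks.load(istream, pass.toCharArray());
+            char[] storePass = null;
+            if (pass != null && !"".equals(pass)) {
+                storePass = pass.toCharArray();
+            }
+            ks.load(istream, storePass);
         } catch (FileNotFoundException fnfe) {
             log.error(sm.getString("jsse.keystore_load_failed", type, path,
                     fnfe.getMessage()), fnfe);
             throw fnfe;
         } catch (IOException ioe) {
-            log.error(sm.getString("jsse.keystore_load_failed", type, path,
-                    ioe.getMessage()), ioe);
-            throw ioe;      
+            // May be expected when working with a trust store
+            // Re-throw. Caller will catch and log as required
+            throw ioe;
         } catch(Exception ex) {
             String msg = sm.getString("jsse.keystore_load_failed", type, path,
                     ex.getMessage());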
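Review bot: The retry with a null password in the trust store hunk (new lines 336-345) fails open, because with the JKS store type `KeyStore.load` reports a wrong password and a failed integrity check through the same IOException, so a trust store that was modified on disk would be loaded with only a warning in the log. The trust store decides which certificate issuers are accepted, so the safer default is to drop the inner `try` and let the existing `log.error(...)` / `throw ioe;` path run whenever the configured password does not verify, or to put the fallback behind an explicit opt-in setting. If the retry is kept, narrow the condition to `if (truststorePassword != null && ioe.getCause() instanceof UnrecoverableKeyException)` so unrelated I/O failures are not retried. The third hunk appears to sit in the shared getStore helper (its body starts outside the hunk), so `!"".equals(pass)` would also turn an empty key store password into a null one and skip the integrity check there; a comment such as `// empty password => null => store integrity is NOT verified` would make that visible.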
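--- a/java/org/apache/tomcat/util/net/jsse/res/LocalStrings.properties
+++ b/java/org/apache/tomcat/util/net/jsse/res/LocalStrings.properties
@@ -15,3 +15,4 @@
 
 jsse.alias_no_key_entry=Alias name {0} does not identify a key entry
 jsse.keystore_load_failed=Failed to load keystore type {0} with path {1} due to {2}
+jsse.invalid_truststore_password=The provided trust store password could not be used to unlock and/or validate the trust store. Retrying to access the trust store with a null password which will skip validation.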
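--- a/webapps/docs/config/http.xml
+++ b/webapps/docs/config/http.xml
@@ -738,8 +738,12 @@
       <p>The password to access the trust store. The default is the value of the
       <code>javax.net.ssl.trustStorePassword</code> system property. If that
       property is null, the value of <code>keystorePass</code> is used as the
-      default. If neither this attribute, the default system property nor
-      <code>keystorePass</code>is set, no trust store will be configured.</p>
+      default. If an invalid trust store password is specified, a warning will
+      be logged and an attempt will be made to access the trust store without a
+      password which will skip validation of the trust store contents. If the
+      trust store password is defined as <code>&quot;&quot;</code> then no
+      password will be used to access the store which will also skip validation
+      of the trust store contents.</p>
     </attribute>
 
     <attribute name="truststoreType" required="false">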
