This is an automated email from the ASF dual-hosted git repository.
ilyak pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ignite.git
The following commit(s) were added to refs/heads/master by this push:
new be3072f IGNITE-13730 Unify fallback property for SSL key store
provider - Fixes #8477.
be3072f is described below
commit be3072ff278a2542e41d008b5379473867df3814
Author: Ilya Kasnacheev <ilya.kasnach...@gmail.com>
AuthorDate: Thu Nov 26 18:00:14 2020 +0300
IGNITE-13730 Unify fallback property for SSL key store provider - Fixes
#8477.
---
.../java/org/apache/ignite/IgniteJdbcDriver.java | 12 ++++++----
.../internal/client/GridClientConfiguration.java | 16 ++++++++-----
.../client/ssl/GridSslBasicContextFactory.java | 26 +++++++++-------------
.../internal/client/thin/TcpClientChannel.java | 8 ++++---
.../jdbc/thin/ConnectionPropertiesImpl.java | 2 +-
.../ignite/internal/jdbc/thin/JdbcThinSSLUtil.java | 13 ++++++++---
.../org/apache/ignite/ssl/SslContextFactory.java | 22 +++++++++++++-----
.../ignite/client/ClientConfigurationTest.java | 8 ++++---
.../apache/ignite/testframework/GridTestUtils.java | 9 +++++---
.../org/apache/ignite/client/SecurityTest.java | 8 ++++---
10 files changed, 77 insertions(+), 47 deletions(-)
diff --git a/modules/core/src/main/java/org/apache/ignite/IgniteJdbcDriver.java
b/modules/core/src/main/java/org/apache/ignite/IgniteJdbcDriver.java
index 61a944f..9c0948a 100644
--- a/modules/core/src/main/java/org/apache/ignite/IgniteJdbcDriver.java
+++ b/modules/core/src/main/java/org/apache/ignite/IgniteJdbcDriver.java
@@ -31,6 +31,10 @@ import org.apache.ignite.cache.affinity.AffinityKey;
import org.apache.ignite.internal.jdbc.JdbcConnection;
import org.apache.ignite.internal.jdbc.JdbcDriverPropertyInfo;
+import static org.apache.ignite.ssl.SslContextFactory.DFLT_KEY_ALGORITHM;
+import static org.apache.ignite.ssl.SslContextFactory.DFLT_SSL_PROTOCOL;
+import static org.apache.ignite.ssl.SslContextFactory.DFLT_STORE_TYPE;
+
/**
* JDBC driver implementation for In-Memory Data Grid.
* <p>
@@ -485,10 +489,10 @@ public class IgniteJdbcDriver implements Driver {
info.getProperty("ignite.client.ssl.enabled", "false"),
"Flag indicating that SSL is needed for connection."),
new JdbcDriverPropertyInfo("ignite.client.ssl.protocol",
- info.getProperty("ignite.client.ssl.protocol", "TLS"),
+ info.getProperty("ignite.client.ssl.protocol",
DFLT_SSL_PROTOCOL),
"SSL protocol."),
new JdbcDriverPropertyInfo("ignite.client.ssl.key.algorithm",
- info.getProperty("ignite.client.ssl.key.algorithm",
"SunX509"),
+ info.getProperty("ignite.client.ssl.key.algorithm",
DFLT_KEY_ALGORITHM),
"Key manager algorithm."),
new
JdbcDriverPropertyInfo("ignite.client.ssl.keystore.location",
info.getProperty("ignite.client.ssl.keystore.location",
""),
@@ -497,7 +501,7 @@ public class IgniteJdbcDriver implements Driver {
info.getProperty("ignite.client.ssl.keystore.password",
""),
"Key store password."),
new JdbcDriverPropertyInfo("ignite.client.ssl.keystore.type",
- info.getProperty("ignite.client.ssl.keystore.type", "jks"),
+ info.getProperty("ignite.client.ssl.keystore.type",
DFLT_STORE_TYPE),
"Key store type."),
new
JdbcDriverPropertyInfo("ignite.client.ssl.truststore.location",
info.getProperty("ignite.client.ssl.truststore.location",
""),
@@ -506,7 +510,7 @@ public class IgniteJdbcDriver implements Driver {
info.getProperty("ignite.client.ssl.truststore.password",
""),
"Trust store password."),
new JdbcDriverPropertyInfo("ignite.client.ssl.truststore.type",
- info.getProperty("ignite.client.ssl.truststore.type",
"jks"),
+ info.getProperty("ignite.client.ssl.truststore.type",
DFLT_STORE_TYPE),
"Trust store type."),
new JdbcDriverPropertyInfo("ignite.client.credentials",
info.getProperty("ignite.client.credentials", ""),
diff --git
a/modules/core/src/main/java/org/apache/ignite/internal/client/GridClientConfiguration.java
b/modules/core/src/main/java/org/apache/ignite/internal/client/GridClientConfiguration.java
index 8e373ae..c0135a5 100644
---
a/modules/core/src/main/java/org/apache/ignite/internal/client/GridClientConfiguration.java
+++
b/modules/core/src/main/java/org/apache/ignite/internal/client/GridClientConfiguration.java
@@ -39,6 +39,10 @@ import
org.apache.ignite.plugin.security.SecurityCredentialsBasicProvider;
import org.apache.ignite.plugin.security.SecurityCredentialsProvider;
import org.jetbrains.annotations.Nullable;
+import static org.apache.ignite.ssl.SslContextFactory.DFLT_KEY_ALGORITHM;
+import static org.apache.ignite.ssl.SslContextFactory.DFLT_SSL_PROTOCOL;
+import static org.apache.ignite.ssl.SslContextFactory.DFLT_STORE_TYPE;
+
/**
* Java client configuration.
*/
@@ -721,8 +725,8 @@ public class GridClientConfiguration {
String sslEnabled = in.getProperty(prefix + "ssl.enabled");
- String sslProto = in.getProperty(prefix + "ssl.protocol", "TLS");
- String sslKeyAlg = in.getProperty(prefix + "ssl.key.algorithm",
"SunX509");
+ String sslProto = in.getProperty(prefix + "ssl.protocol");
+ String sslKeyAlg = in.getProperty(prefix + "ssl.key.algorithm");
String keyStorePath = in.getProperty(prefix + "ssl.keystore.location");
String keyStorePwd = in.getProperty(prefix + "ssl.keystore.password");
@@ -780,8 +784,8 @@ public class GridClientConfiguration {
if (!F.isEmpty(sslEnabled) && Boolean.parseBoolean(sslEnabled)) {
GridSslBasicContextFactory factory = new
GridSslBasicContextFactory();
- factory.setProtocol(F.isEmpty(sslProto) ? "TLS" : sslProto);
- factory.setKeyAlgorithm(F.isEmpty(sslKeyAlg) ? "SunX509" :
sslKeyAlg);
+ factory.setProtocol(F.isEmpty(sslProto) ? DFLT_SSL_PROTOCOL :
sslProto);
+ factory.setKeyAlgorithm(F.isEmpty(sslKeyAlg) ? DFLT_KEY_ALGORITHM
: sslKeyAlg);
if (F.isEmpty(keyStorePath))
throw new IllegalArgumentException("SSL key store location is
not specified.");
@@ -791,7 +795,7 @@ public class GridClientConfiguration {
if (keyStorePwd != null)
factory.setKeyStorePassword(keyStorePwd.toCharArray());
- factory.setKeyStoreType(F.isEmpty(keyStoreType) ? "jks" :
keyStoreType);
+ factory.setKeyStoreType(F.isEmpty(keyStoreType) ? DFLT_STORE_TYPE
: keyStoreType);
if (F.isEmpty(trustStorePath))
factory.setTrustManagers(GridSslBasicContextFactory.getDisabledTrustManager());
@@ -801,7 +805,7 @@ public class GridClientConfiguration {
if (trustStorePwd != null)
factory.setTrustStorePassword(trustStorePwd.toCharArray());
- factory.setTrustStoreType(F.isEmpty(trustStoreType) ? "jks" :
trustStoreType);
+ factory.setTrustStoreType(F.isEmpty(trustStoreType) ?
DFLT_STORE_TYPE : trustStoreType);
}
setSslContextFactory(factory);
diff --git
a/modules/core/src/main/java/org/apache/ignite/internal/client/ssl/GridSslBasicContextFactory.java
b/modules/core/src/main/java/org/apache/ignite/internal/client/ssl/GridSslBasicContextFactory.java
index d4075c1..e500705 100644
---
a/modules/core/src/main/java/org/apache/ignite/internal/client/ssl/GridSslBasicContextFactory.java
+++
b/modules/core/src/main/java/org/apache/ignite/internal/client/ssl/GridSslBasicContextFactory.java
@@ -37,6 +37,11 @@ import javax.net.ssl.X509TrustManager;
import org.apache.ignite.internal.util.typedef.F;
import org.apache.ignite.internal.util.typedef.internal.A;
import org.apache.ignite.ssl.SSLContextWrapper;
+import org.apache.ignite.ssl.SslContextFactory;
+
+import static org.apache.ignite.ssl.SslContextFactory.DFLT_KEY_ALGORITHM;
+import static org.apache.ignite.ssl.SslContextFactory.DFLT_SSL_PROTOCOL;
+import static org.apache.ignite.ssl.SslContextFactory.DFLT_STORE_TYPE;
/**
* Basic ssl context factory that provides ssl context configuration with
specified key
@@ -54,15 +59,6 @@ import org.apache.ignite.ssl.SSLContextWrapper;
*/
@Deprecated
public class GridSslBasicContextFactory implements GridSslContextFactory {
- /** Default key store type. */
- public static final String DFLT_STORE_TYPE = "JKS";
-
- /** Default SSL protocol. */
- public static final String DFLT_SSL_PROTOCOL = "TLS";
-
- /** Default key manager algorithm. */
- public static final String DFLT_KEY_ALGORITHM = "SunX509";
-
/** SSL protocol. */
private String proto = DFLT_SSL_PROTOCOL;
@@ -106,8 +102,8 @@ public class GridSslBasicContextFactory implements
GridSslContextFactory {
}
/**
- * Sets key store type used in context initialization. If not provided,
{@link #DFLT_STORE_TYPE} will
- * be used.
+ * Sets key store type used in context initialization. If not provided,
{@link SslContextFactory#DFLT_STORE_TYPE}
+ * will be used.
*
* @param keyStoreType Key store type.
*/
@@ -127,8 +123,8 @@ public class GridSslBasicContextFactory implements
GridSslContextFactory {
}
/**
- * Sets trust store type used in context initialization. If not provided,
{@link #DFLT_STORE_TYPE} will
- * be used.
+ * Sets trust store type used in context initialization. If not provided,
{@link SslContextFactory#DFLT_STORE_TYPE}
+ * will be used.
*
* @param trustStoreType Trust store type.
*/
@@ -148,7 +144,7 @@ public class GridSslBasicContextFactory implements
GridSslContextFactory {
}
/**
- * Sets protocol for secure transport. If not specified, {@link
#DFLT_SSL_PROTOCOL} will be used.
+ * Sets protocol for secure transport. If not specified, {@link
SslContextFactory#DFLT_SSL_PROTOCOL} will be used.
*
* @param proto SSL protocol name.
*/
@@ -159,7 +155,7 @@ public class GridSslBasicContextFactory implements
GridSslContextFactory {
}
/**
- * Gets algorithm that will be used to create a key manager. If not
specified, {@link #DFLT_KEY_ALGORITHM}
+ * Gets algorithm that will be used to create a key manager. If not
specified, {@link SslContextFactory#DFLT_KEY_ALGORITHM}
* will be used.
*
* @return Key manager algorithm.
diff --git
a/modules/core/src/main/java/org/apache/ignite/internal/client/thin/TcpClientChannel.java
b/modules/core/src/main/java/org/apache/ignite/internal/client/thin/TcpClientChannel.java
index 7c79130..25df909 100644
---
a/modules/core/src/main/java/org/apache/ignite/internal/client/thin/TcpClientChannel.java
+++
b/modules/core/src/main/java/org/apache/ignite/internal/client/thin/TcpClientChannel.java
@@ -103,6 +103,8 @@ import static
org.apache.ignite.internal.client.thin.ProtocolVersion.V1_7_0;
import static
org.apache.ignite.internal.client.thin.ProtocolVersionFeature.AUTHORIZATION;
import static
org.apache.ignite.internal.client.thin.ProtocolVersionFeature.BITMAP_FEATURES;
import static
org.apache.ignite.internal.client.thin.ProtocolVersionFeature.PARTITION_AWARENESS;
+import static org.apache.ignite.ssl.SslContextFactory.DFLT_KEY_ALGORITHM;
+import static org.apache.ignite.ssl.SslContextFactory.DFLT_STORE_TYPE;
/**
* Implements {@link ClientChannel} over TCP.
@@ -931,7 +933,7 @@ class TcpClientChannel implements ClientChannel {
String keyStoreType = or.apply(
cfg.getSslClientCertificateKeyStoreType(),
- or.apply(System.getProperty("javax.net.ssl.keyStoreType"),
"JKS")
+ or.apply(System.getProperty("javax.net.ssl.keyStoreType"),
DFLT_STORE_TYPE)
);
String keyStorePwd = or.apply(
@@ -946,7 +948,7 @@ class TcpClientChannel implements ClientChannel {
String trustStoreType = or.apply(
cfg.getSslTrustCertificateKeyStoreType(),
- or.apply(System.getProperty("javax.net.ssl.trustStoreType"),
"JKS")
+ or.apply(System.getProperty("javax.net.ssl.trustStoreType"),
DFLT_STORE_TYPE)
);
String trustStorePwd = or.apply(
@@ -954,7 +956,7 @@ class TcpClientChannel implements ClientChannel {
System.getProperty("javax.net.ssl.trustStorePassword")
);
- String algorithm = or.apply(cfg.getSslKeyAlgorithm(), "SunX509");
+ String algorithm = or.apply(cfg.getSslKeyAlgorithm(),
DFLT_KEY_ALGORITHM);
String proto = toString(cfg.getSslProtocol());
diff --git
a/modules/core/src/main/java/org/apache/ignite/internal/jdbc/thin/ConnectionPropertiesImpl.java
b/modules/core/src/main/java/org/apache/ignite/internal/jdbc/thin/ConnectionPropertiesImpl.java
index 9cc5853..bacb797 100644
---
a/modules/core/src/main/java/org/apache/ignite/internal/jdbc/thin/ConnectionPropertiesImpl.java
+++
b/modules/core/src/main/java/org/apache/ignite/internal/jdbc/thin/ConnectionPropertiesImpl.java
@@ -138,7 +138,7 @@ public class ConnectionPropertiesImpl implements
ConnectionProperties, Serializa
/** SSL: Key algorithm name. */
private StringProperty sslKeyAlgorithm = new
StringProperty("sslKeyAlgorithm",
- "SSL key algorithm name", "SunX509", null, false, null);
+ "SSL key algorithm name", null, null, false, null);
/** SSL: Client certificate key store url. */
private StringProperty sslClientCertificateKeyStoreUrl =
diff --git
a/modules/core/src/main/java/org/apache/ignite/internal/jdbc/thin/JdbcThinSSLUtil.java
b/modules/core/src/main/java/org/apache/ignite/internal/jdbc/thin/JdbcThinSSLUtil.java
index d62f939..e410e4d 100644
---
a/modules/core/src/main/java/org/apache/ignite/internal/jdbc/thin/JdbcThinSSLUtil.java
+++
b/modules/core/src/main/java/org/apache/ignite/internal/jdbc/thin/JdbcThinSSLUtil.java
@@ -33,6 +33,10 @@ import
org.apache.ignite.internal.processors.odbc.SqlStateCode;
import org.apache.ignite.internal.util.typedef.F;
import org.apache.ignite.ssl.SslContextFactory;
+import static org.apache.ignite.ssl.SslContextFactory.DFLT_KEY_ALGORITHM;
+import static org.apache.ignite.ssl.SslContextFactory.DFLT_SSL_PROTOCOL;
+import static org.apache.ignite.ssl.SslContextFactory.DFLT_STORE_TYPE;
+
/**
* SSL utility method to create SSL connetion.
*/
@@ -136,7 +140,7 @@ public class JdbcThinSSLUtil {
cliCertKeyStorePwd =
System.getProperty("javax.net.ssl.keyStorePassword");
if (cliCertKeyStoreType == null)
- cliCertKeyStoreType =
System.getProperty("javax.net.ssl.keyStoreType", "JKS");
+ cliCertKeyStoreType =
System.getProperty("javax.net.ssl.keyStoreType", DFLT_STORE_TYPE);
if (trustCertKeyStoreUrl == null)
trustCertKeyStoreUrl =
System.getProperty("javax.net.ssl.trustStore");
@@ -145,10 +149,13 @@ public class JdbcThinSSLUtil {
trustCertKeyStorePwd =
System.getProperty("javax.net.ssl.trustStorePassword");
if (trustCertKeyStoreType == null)
- trustCertKeyStoreType =
System.getProperty("javax.net.ssl.trustStoreType", "JKS");
+ trustCertKeyStoreType =
System.getProperty("javax.net.ssl.trustStoreType", DFLT_STORE_TYPE);
if (sslProtocol == null)
- sslProtocol = "TLS";
+ sslProtocol = DFLT_SSL_PROTOCOL;
+
+ if (keyAlgorithm == null)
+ keyAlgorithm = DFLT_KEY_ALGORITHM;
SslContextFactory f = new SslContextFactory();
diff --git
a/modules/core/src/main/java/org/apache/ignite/ssl/SslContextFactory.java
b/modules/core/src/main/java/org/apache/ignite/ssl/SslContextFactory.java
index 7fe7c6f..4fef663 100644
--- a/modules/core/src/main/java/org/apache/ignite/ssl/SslContextFactory.java
+++ b/modules/core/src/main/java/org/apache/ignite/ssl/SslContextFactory.java
@@ -60,14 +60,25 @@ public class SslContextFactory implements
Factory<SSLContext> {
/** */
private static final long serialVersionUID = 0L;
- /** Default key store type. */
- public static final String DFLT_STORE_TYPE = "JKS";
+ /** Default key / trust store type. */
+ public static final String DFLT_STORE_TYPE =
System.getProperty("javax.net.ssl.keyStoreType", "JKS");
/** Default SSL protocol. */
public static final String DFLT_SSL_PROTOCOL = "TLS";
- /** Default key manager algorithm. */
- public static final String DFLT_KEY_ALGORITHM = "SunX509";
+ /**
+ * Property name to specify default key/trust manager algorithm.
+ *
+ * @deprecated Use {@code "ssl.KeyManagerFactory.algorithm"} instead as
per JSSE standard.
+ *
+ * Should be considered for deletion in 9.0.
+ */
+ @Deprecated
+ public static final String IGNITE_KEY_ALGORITHM_PROPERTY =
"ssl.key.algorithm";
+
+ /** Default key manager / trust manager algorithm. Specifying different
trust manager algorithm is not supported. */
+ public static final String DFLT_KEY_ALGORITHM =
System.getProperty("ssl.KeyManagerFactory.algorithm",
+ System.getProperty(IGNITE_KEY_ALGORITHM_PROPERTY, "SunX509"));
/** SSL protocol. */
private String proto = DFLT_SSL_PROTOCOL;
@@ -178,8 +189,7 @@ public class SslContextFactory implements
Factory<SSLContext> {
}
/**
- * Sets key manager algorithm that will be used to create a key manager.
Notice that in most cased default value
- * suites well, however, on Android platform this value need to be set to
<tt>X509<tt/>.
+ * Sets key manager algorithm that will be used to create a key manager.
*
* @param keyAlgorithm Key algorithm name.
*/
diff --git
a/modules/core/src/test/java/org/apache/ignite/client/ClientConfigurationTest.java
b/modules/core/src/test/java/org/apache/ignite/client/ClientConfigurationTest.java
index 287c6ec..dcb78ef 100644
---
a/modules/core/src/test/java/org/apache/ignite/client/ClientConfigurationTest.java
+++
b/modules/core/src/test/java/org/apache/ignite/client/ClientConfigurationTest.java
@@ -42,6 +42,8 @@ import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.Timeout;
+import static org.apache.ignite.ssl.SslContextFactory.DFLT_KEY_ALGORITHM;
+import static org.apache.ignite.ssl.SslContextFactory.DFLT_STORE_TYPE;
import static org.junit.Assert.assertTrue;
/**
@@ -63,12 +65,12 @@ public class ClientConfigurationTest {
)
.setSslMode(SslMode.REQUIRED)
.setSslClientCertificateKeyStorePath("client.jks")
- .setSslClientCertificateKeyStoreType("JKS")
+ .setSslClientCertificateKeyStoreType(DFLT_STORE_TYPE)
.setSslClientCertificateKeyStorePassword("123456")
.setSslTrustCertificateKeyStorePath("trust.jks")
- .setSslTrustCertificateKeyStoreType("JKS")
+ .setSslTrustCertificateKeyStoreType(DFLT_STORE_TYPE)
.setSslTrustCertificateKeyStorePassword("123456")
- .setSslKeyAlgorithm("SunX509");
+ .setSslKeyAlgorithm(DFLT_KEY_ALGORITHM);
ByteArrayOutputStream outBytes = new ByteArrayOutputStream();
diff --git
a/modules/core/src/test/java/org/apache/ignite/testframework/GridTestUtils.java
b/modules/core/src/test/java/org/apache/ignite/testframework/GridTestUtils.java
index 9e68277..0b19056 100644
---
a/modules/core/src/test/java/org/apache/ignite/testframework/GridTestUtils.java
+++
b/modules/core/src/test/java/org/apache/ignite/testframework/GridTestUtils.java
@@ -123,6 +123,9 @@ import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import static
org.apache.ignite.internal.processors.cache.persistence.file.FilePageStoreManager.DFLT_STORE_DIR;
+import static org.apache.ignite.ssl.SslContextFactory.DFLT_KEY_ALGORITHM;
+import static org.apache.ignite.ssl.SslContextFactory.DFLT_SSL_PROTOCOL;
+import static org.apache.ignite.ssl.SslContextFactory.DFLT_STORE_TYPE;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
@@ -1931,13 +1934,13 @@ public final class GridTestUtils {
* @throws IOException If keystore cannot be accessed.
*/
public static SSLContext sslContext() throws GeneralSecurityException,
IOException {
- SSLContext ctx = SSLContext.getInstance("TLS");
+ SSLContext ctx = SSLContext.getInstance(DFLT_SSL_PROTOCOL);
char[] storePass = keyStorePassword().toCharArray();
- KeyManagerFactory keyMgrFactory =
KeyManagerFactory.getInstance("SunX509");
+ KeyManagerFactory keyMgrFactory =
KeyManagerFactory.getInstance(DFLT_KEY_ALGORITHM);
- KeyStore keyStore = KeyStore.getInstance("JKS");
+ KeyStore keyStore = KeyStore.getInstance(DFLT_STORE_TYPE);
keyStore.load(new
FileInputStream(U.resolveIgnitePath(GridTestProperties.getProperty("ssl.keystore.path"))),
storePass);
diff --git
a/modules/indexing/src/test/java/org/apache/ignite/client/SecurityTest.java
b/modules/indexing/src/test/java/org/apache/ignite/client/SecurityTest.java
index dae7a9e..e64713a 100644
--- a/modules/indexing/src/test/java/org/apache/ignite/client/SecurityTest.java
+++ b/modules/indexing/src/test/java/org/apache/ignite/client/SecurityTest.java
@@ -40,6 +40,8 @@ import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.Timeout;
+import static org.apache.ignite.ssl.SslContextFactory.DFLT_KEY_ALGORITHM;
+import static org.apache.ignite.ssl.SslContextFactory.DFLT_STORE_TYPE;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
@@ -113,12 +115,12 @@ public class SecurityTest {
try (IgniteClient client = Ignition.startClient(clientCfg
.setSslMode(SslMode.REQUIRED)
.setSslClientCertificateKeyStorePath(rsrcPath.apply("/client.jks"))
- .setSslClientCertificateKeyStoreType("JKS")
+ .setSslClientCertificateKeyStoreType(DFLT_STORE_TYPE)
.setSslClientCertificateKeyStorePassword("123456")
.setSslTrustCertificateKeyStorePath(rsrcPath.apply("/trust.jks"))
- .setSslTrustCertificateKeyStoreType("JKS")
+ .setSslTrustCertificateKeyStoreType(DFLT_STORE_TYPE)
.setSslTrustCertificateKeyStorePassword("123456")
- .setSslKeyAlgorithm("SunX509")
+ .setSslKeyAlgorithm(DFLT_KEY_ALGORITHM)
.setSslTrustAll(false)
.setSslProtocol(SslProtocol.TLS)
)) {
