This is an automated email from the ASF dual-hosted git repository.

apkhmv pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/ignite-3.git


The following commit(s) were added to refs/heads/main by this push:
     new 2d34d76f1f IGNITE-19346 Allow using default trust store in client 
connections (#1971)
2d34d76f1f is described below

commit 2d34d76f1f9112141cc82b8908bc72c5e5bffddc
Author: Vadim Pakhnushev <[email protected]>
AuthorDate: Thu Apr 27 15:14:06 2023 +0300

    IGNITE-19346 Allow using default trust store in client connections (#1971)
---
 .../ignite/internal/cli/config/CliConfigKeys.java  |  6 ++++
 .../ignite/internal/cli/core/JdbcUrlFactory.java   | 14 +++++++--
 .../internal/cli/core/rest/ApiClientFactory.java   |  2 +-
 .../internal/cli/core/JdbcUrlFactoryTest.java      | 18 +++++++++++
 .../org/apache/ignite/client/SslConfiguration.java |  6 ----
 .../internal/client/SslConfigurationBuilder.java   | 31 ++-----------------
 .../internal/client/SslConfigurationImpl.java      | 21 +------------
 .../io/netty/NettyClientConnectionMultiplexer.java | 33 ++++++++------------
 .../ignite/internal/jdbc/ConnectionProperties.java | 28 -----------------
 .../internal/jdbc/ConnectionPropertiesImpl.java    | 36 ++--------------------
 .../ignite/internal/jdbc/JdbcConnection.java       |  2 --
 .../org/apache/ignite/internal/ssl/ItSslTest.java  |  6 ----
 12 files changed, 53 insertions(+), 150 deletions(-)

diff --git 
a/modules/cli/src/main/java/org/apache/ignite/internal/cli/config/CliConfigKeys.java
 
b/modules/cli/src/main/java/org/apache/ignite/internal/cli/config/CliConfigKeys.java
index a0dac921fa..6f3d0ad599 100644
--- 
a/modules/cli/src/main/java/org/apache/ignite/internal/cli/config/CliConfigKeys.java
+++ 
b/modules/cli/src/main/java/org/apache/ignite/internal/cli/config/CliConfigKeys.java
@@ -45,6 +45,9 @@ public enum CliConfigKeys {
     /** Default JDBC URL property name. */
     JDBC_URL(Constants.JDBC_URL),
 
+    /** JDBC SSL enabled property name. */
+    JDBC_SSL_ENABLED(Constants.JDBC_SSL_ENABLED),
+
     /** JDBC trust store path property name. */
     JDBC_TRUST_STORE_PATH(Constants.JDBC_TRUST_STORE_PATH),
 
@@ -81,6 +84,7 @@ public enum CliConfigKeys {
                         REST_KEY_STORE_PATH,
                         REST_TRUST_STORE_PASSWORD,
                         REST_TRUST_STORE_PATH,
+                        JDBC_SSL_ENABLED,
                         JDBC_KEY_STORE_PASSWORD,
                         JDBC_KEY_STORE_PATH,
                         JDBC_TRUST_STORE_PASSWORD,
@@ -110,6 +114,8 @@ public enum CliConfigKeys {
 
         public static final String JDBC_URL = "ignite.jdbc-url";
 
+        public static final String JDBC_SSL_ENABLED = 
"ignite.jdbc.ssl-enabled";
+
         public static final String JDBC_TRUST_STORE_PATH = 
"ignite.jdbc.trust-store.path";
 
         public static final String JDBC_TRUST_STORE_PASSWORD = 
"ignite.jdbc.trust-store.password";
diff --git 
a/modules/cli/src/main/java/org/apache/ignite/internal/cli/core/JdbcUrlFactory.java
 
b/modules/cli/src/main/java/org/apache/ignite/internal/cli/core/JdbcUrlFactory.java
index 64b0547a8b..7403bf8f06 100644
--- 
a/modules/cli/src/main/java/org/apache/ignite/internal/cli/core/JdbcUrlFactory.java
+++ 
b/modules/cli/src/main/java/org/apache/ignite/internal/cli/core/JdbcUrlFactory.java
@@ -22,6 +22,7 @@ import static 
org.apache.ignite.internal.cli.config.CliConfigKeys.BASIC_AUTHENTI
 import static 
org.apache.ignite.internal.cli.config.CliConfigKeys.JDBC_CLIENT_AUTH;
 import static 
org.apache.ignite.internal.cli.config.CliConfigKeys.JDBC_KEY_STORE_PASSWORD;
 import static 
org.apache.ignite.internal.cli.config.CliConfigKeys.JDBC_KEY_STORE_PATH;
+import static 
org.apache.ignite.internal.cli.config.CliConfigKeys.JDBC_SSL_ENABLED;
 import static 
org.apache.ignite.internal.cli.config.CliConfigKeys.JDBC_TRUST_STORE_PASSWORD;
 import static 
org.apache.ignite.internal.cli.config.CliConfigKeys.JDBC_TRUST_STORE_PATH;
 
@@ -74,9 +75,7 @@ public class JdbcUrlFactory {
         addIfSet(queryParams, JDBC_KEY_STORE_PATH, "keyStorePath");
         addIfSet(queryParams, JDBC_KEY_STORE_PASSWORD, "keyStorePassword");
         addIfSet(queryParams, JDBC_CLIENT_AUTH, "clientAuth");
-        if (!queryParams.isEmpty()) {
-            queryParams.add(0, "sslEnabled=true");
-        }
+        addSslEnabledIfNeeded(queryParams);
         addIfSet(queryParams, BASIC_AUTHENTICATION_USERNAME, 
"basicAuthenticationUsername");
         addIfSet(queryParams, BASIC_AUTHENTICATION_PASSWORD, 
"basicAuthenticationPassword");
         if (!queryParams.isEmpty()) {
@@ -88,6 +87,15 @@ public class JdbcUrlFactory {
         }
     }
 
+    private void addSslEnabledIfNeeded(List<String> queryParams) {
+        String sslEnabled = 
configManagerProvider.get().getCurrentProperty(JDBC_SSL_ENABLED.value());
+        if (sslEnabled != null) {
+            queryParams.add(0, "sslEnabled=" + sslEnabled);
+        } else if (!queryParams.isEmpty()) {
+            queryParams.add(0, "sslEnabled=true");
+        }
+    }
+
     private void addIfSet(List<String> queryParams, CliConfigKeys key, String 
property) {
         ConfigManager configManager = configManagerProvider.get();
         String value = configManager.getCurrentProperty(key.value());
diff --git 
a/modules/cli/src/main/java/org/apache/ignite/internal/cli/core/rest/ApiClientFactory.java
 
b/modules/cli/src/main/java/org/apache/ignite/internal/cli/core/rest/ApiClientFactory.java
index 98e5a70590..5357a74d69 100644
--- 
a/modules/cli/src/main/java/org/apache/ignite/internal/cli/core/rest/ApiClientFactory.java
+++ 
b/modules/cli/src/main/java/org/apache/ignite/internal/cli/core/rest/ApiClientFactory.java
@@ -156,7 +156,7 @@ public class ApiClientFactory {
             } else {
                 char[] password = settings.keyStorePassword() == null ? null : 
settings.keyStorePassword().toCharArray();
                 KeyStore keyStore = KeyStore.getInstance(new 
File(settings.keyStorePath()), password);
-                keyManagerFactory.init(keyStore, 
settings.keyStorePassword().toCharArray());
+                keyManagerFactory.init(keyStore, password);
             }
 
             return keyManagerFactory;
diff --git 
a/modules/cli/src/test/java/org/apache/ignite/internal/cli/core/JdbcUrlFactoryTest.java
 
b/modules/cli/src/test/java/org/apache/ignite/internal/cli/core/JdbcUrlFactoryTest.java
index 9d290da6a5..1eb1e41dc7 100644
--- 
a/modules/cli/src/test/java/org/apache/ignite/internal/cli/core/JdbcUrlFactoryTest.java
+++ 
b/modules/cli/src/test/java/org/apache/ignite/internal/cli/core/JdbcUrlFactoryTest.java
@@ -24,6 +24,7 @@ import static 
org.apache.ignite.internal.cli.commands.cliconfig.TestConfigManage
 import static org.junit.jupiter.api.Assertions.assertEquals;
 
 import 
org.apache.ignite.internal.cli.commands.cliconfig.TestConfigManagerProvider;
+import org.apache.ignite.internal.cli.config.CliConfigKeys;
 import org.junit.jupiter.api.Test;
 
 class JdbcUrlFactoryTest {
@@ -56,6 +57,23 @@ class JdbcUrlFactoryTest {
         assertEquals(expectedJdbcUrl, jdbcUrl);
     }
 
+    @Test
+    void withSslEnabledExplicitly() {
+        // Given config with JDBC SSL enabled and ssl-enabled set to true in 
the config explicitly
+        configManagerProvider.setConfigFile(createIntegrationTestsConfig(), 
createJdbcTestsSslSecretConfig());
+        
configManagerProvider.configManager.setProperty(CliConfigKeys.JDBC_SSL_ENABLED.value(),
 "true");
+
+        // Then JDBC URL is constructed with SSL settings
+        String jdbcUrl = 
factory.constructJdbcUrl("{clientConnector:{port:10800}}", 
"http://localhost:10300";);
+        String expectedJdbcUrl = "jdbc:ignite:thin://localhost:10800"
+                + "?sslEnabled=true"
+                + "&trustStorePath=ssl/truststore.jks"
+                + "&trustStorePassword=changeit"
+                + "&keyStorePath=ssl/keystore.p12"
+                + "&keyStorePassword=changeit";
+        assertEquals(expectedJdbcUrl, jdbcUrl);
+    }
+
     @Test
     void withBasic() {
         // Given config with basic authentication enabled
diff --git 
a/modules/client/src/main/java/org/apache/ignite/client/SslConfiguration.java 
b/modules/client/src/main/java/org/apache/ignite/client/SslConfiguration.java
index 075aa82829..9018ada1f7 100644
--- 
a/modules/client/src/main/java/org/apache/ignite/client/SslConfiguration.java
+++ 
b/modules/client/src/main/java/org/apache/ignite/client/SslConfiguration.java
@@ -37,18 +37,12 @@ public interface SslConfiguration {
     /** Keystore password that will be used to setup the SSL connection. */
     @Nullable String keyStorePassword();
 
-    /** Keystore type that will be used to setup the SSL connection. */
-    String keyStoreType();
-
     /** Truststore path that will be used to setup the SSL connection. */
     @Nullable String trustStorePath();
 
     /** Truststore password that will be used to setup the SSL connection. */
     @Nullable String trustStorePassword();
 
-    /** Truststore type that will be used to setup the SSL connection. */
-    String trustStoreType();
-
     /** SSL configuration builder. */
     static SslConfigurationBuilder builder() {
         return new SslConfigurationBuilder();
diff --git 
a/modules/client/src/main/java/org/apache/ignite/internal/client/SslConfigurationBuilder.java
 
b/modules/client/src/main/java/org/apache/ignite/internal/client/SslConfigurationBuilder.java
index 5f69dc6264..2b23e0f591 100644
--- 
a/modules/client/src/main/java/org/apache/ignite/internal/client/SslConfigurationBuilder.java
+++ 
b/modules/client/src/main/java/org/apache/ignite/internal/client/SslConfigurationBuilder.java
@@ -23,7 +23,6 @@ import org.jetbrains.annotations.Nullable;
 
 /** SSL configuration builder. */
 public class SslConfigurationBuilder {
-    private static final String DEFAULT_KEYSTORE_TYPE = "PKCS12";
 
     private boolean enabled = false;
 
@@ -35,14 +34,10 @@ public class SslConfigurationBuilder {
 
     private @Nullable String keyStorePassword;
 
-    private String keyStoreType = DEFAULT_KEYSTORE_TYPE;
-
     private @Nullable String trustStorePath;
 
     private @Nullable String trustStorePassword;
 
-    private String trustStoreType = DEFAULT_KEYSTORE_TYPE;
-
     /** Enabled/disabled setter. */
     public SslConfigurationBuilder enabled(boolean enabled) {
         this.enabled = enabled;
@@ -78,17 +73,6 @@ public class SslConfigurationBuilder {
         return this;
     }
 
-    /** Keystore type setter. If set to {@code null} then the default PKCS12 
type is used. */
-    public SslConfigurationBuilder keyStoreType(@Nullable String keyStoreType) 
{
-        if (keyStoreType == null) {
-            this.keyStoreType = DEFAULT_KEYSTORE_TYPE;
-            return this;
-        }
-
-        this.keyStoreType = keyStoreType;
-        return this;
-    }
-
     /** Truststore path setter. */
     public SslConfigurationBuilder trustStorePath(@Nullable String 
trustStorePath) {
         this.trustStorePath = trustStorePath;
@@ -101,23 +85,12 @@ public class SslConfigurationBuilder {
         return this;
     }
 
-    /** Truststore type setter. If set to {@code null} then the default PKCS12 
type is used. */
-    public SslConfigurationBuilder trustStoreType(@Nullable String 
trustStoreType) {
-        if (trustStoreType == null) {
-            this.trustStoreType = DEFAULT_KEYSTORE_TYPE;
-            return this;
-        }
-
-        this.trustStoreType = trustStoreType;
-        return this;
-    }
-
     /** Build SslConfiguration instance. */
     public SslConfiguration build() {
         return new SslConfigurationImpl(
                 enabled, clientAuth, ciphers,
-                keyStorePath, keyStorePassword, keyStoreType,
-                trustStorePath, trustStorePassword, trustStoreType
+                keyStorePath, keyStorePassword,
+                trustStorePath, trustStorePassword
         );
     }
 }
diff --git 
a/modules/client/src/main/java/org/apache/ignite/internal/client/SslConfigurationImpl.java
 
b/modules/client/src/main/java/org/apache/ignite/internal/client/SslConfigurationImpl.java
index a38eaa8e2f..2d64acfa8e 100644
--- 
a/modules/client/src/main/java/org/apache/ignite/internal/client/SslConfigurationImpl.java
+++ 
b/modules/client/src/main/java/org/apache/ignite/internal/client/SslConfigurationImpl.java
@@ -33,14 +33,10 @@ public class SslConfigurationImpl implements 
SslConfiguration {
 
     private final @Nullable String keyStorePassword;
 
-    private final String keyStoreType;
-
     private final @Nullable String trustStorePath;
 
     private final @Nullable String trustStorePassword;
 
-    private final String trustStoreType;
-
     /** Main constructor. */
     SslConfigurationImpl(
             boolean enabled,
@@ -48,20 +44,16 @@ public class SslConfigurationImpl implements 
SslConfiguration {
             @Nullable Iterable<String> ciphers,
             @Nullable String keyStorePath,
             @Nullable String keyStorePassword,
-            String keyStoreType,
             @Nullable String trustStorePath,
-            @Nullable String trustStorePassword,
-            String trustStoreType
+            @Nullable String trustStorePassword
     ) {
         this.enabled = enabled;
         this.clientAuth = clientAuth;
         this.ciphers = ciphers;
         this.keyStorePath = keyStorePath;
         this.keyStorePassword = keyStorePassword;
-        this.keyStoreType = keyStoreType;
         this.trustStorePath = trustStorePath;
         this.trustStorePassword = trustStorePassword;
-        this.trustStoreType = trustStoreType;
     }
 
     /** {@inheritDoc} */
@@ -93,12 +85,6 @@ public class SslConfigurationImpl implements 
SslConfiguration {
         return keyStorePassword;
     }
 
-    /** {@inheritDoc} */
-    @Override
-    public String keyStoreType() {
-        return keyStoreType;
-    }
-
     /** {@inheritDoc} */
     @Override
     public @Nullable String trustStorePath() {
@@ -111,9 +97,4 @@ public class SslConfigurationImpl implements 
SslConfiguration {
         return trustStorePassword;
     }
 
-    /** {@inheritDoc} */
-    @Override
-    public String trustStoreType() {
-        return trustStoreType;
-    }
 }
diff --git 
a/modules/client/src/main/java/org/apache/ignite/internal/client/io/netty/NettyClientConnectionMultiplexer.java
 
b/modules/client/src/main/java/org/apache/ignite/internal/client/io/netty/NettyClientConnectionMultiplexer.java
index ee4b1fdbb8..fa4264b08a 100644
--- 
a/modules/client/src/main/java/org/apache/ignite/internal/client/io/netty/NettyClientConnectionMultiplexer.java
+++ 
b/modules/client/src/main/java/org/apache/ignite/internal/client/io/netty/NettyClientConnectionMultiplexer.java
@@ -29,11 +29,9 @@ import io.netty.channel.socket.nio.NioSocketChannel;
 import io.netty.handler.ssl.ClientAuth;
 import io.netty.handler.ssl.SslContext;
 import io.netty.handler.ssl.SslContextBuilder;
+import java.io.File;
 import java.io.IOException;
-import java.io.InputStream;
 import java.net.InetSocketAddress;
-import java.nio.file.Files;
-import java.nio.file.Path;
 import java.security.KeyStore;
 import java.security.KeyStoreException;
 import java.security.NoSuchAlgorithmException;
@@ -124,38 +122,31 @@ public class NettyClientConnectionMultiplexer implements 
ClientConnectionMultipl
 
     private static KeyManagerFactory loadKeyManagerFactory(SslConfiguration 
ssl)
             throws KeyStoreException, IOException, NoSuchAlgorithmException, 
CertificateException, UnrecoverableKeyException {
-        KeyStore ks = KeyStore.getInstance(ssl.keyStoreType());
+        KeyManagerFactory keyManagerFactory = 
KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
 
-        char[] ksPassword = ssl.keyStorePassword() == null ? null : 
ssl.keyStorePassword().toCharArray();
         if (ssl.keyStorePath() != null) {
-            try (InputStream is = 
Files.newInputStream(Path.of(ssl.keyStorePath()))) {
-                ks.load(is, ksPassword);
-            }
+            char[] ksPassword = ssl.keyStorePassword() == null ? null : 
ssl.keyStorePassword().toCharArray();
+            KeyStore ks = KeyStore.getInstance(new File(ssl.keyStorePath()), 
ksPassword);
+            keyManagerFactory.init(ks, ksPassword);
         } else {
-            ks.load(null, ksPassword);
+            keyManagerFactory.init(null, null);
         }
 
-        KeyManagerFactory keyManagerFactory = 
KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
-        keyManagerFactory.init(ks, ksPassword);
         return keyManagerFactory;
     }
 
     private static TrustManagerFactory 
loadTrustManagerFactory(SslConfiguration ssl)
             throws KeyStoreException, IOException, NoSuchAlgorithmException, 
CertificateException {
-        KeyStore ts = KeyStore.getInstance(ssl.trustStoreType());
-        char[] tsPassword = ssl.trustStorePassword() == null ? null : 
ssl.trustStorePassword().toCharArray();
+        TrustManagerFactory trustManagerFactory = 
TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+
         if (ssl.trustStorePath() != null) {
-            try (InputStream is = 
Files.newInputStream(Path.of(ssl.trustStorePath()))) {
-                ts.load(is, tsPassword);
-            }
+            char[] tsPassword = ssl.trustStorePassword() == null ? null : 
ssl.trustStorePassword().toCharArray();
+            KeyStore ts = KeyStore.getInstance(new File(ssl.trustStorePath()), 
tsPassword);
+            trustManagerFactory.init(ts);
         } else {
-            ts.load(null, tsPassword);
+            trustManagerFactory.init((KeyStore) null);
         }
 
-        TrustManagerFactory trustManagerFactory = 
TrustManagerFactory.getInstance(
-                TrustManagerFactory.getDefaultAlgorithm()
-        );
-        trustManagerFactory.init(ts);
         return trustManagerFactory;
     }
 
diff --git 
a/modules/jdbc/src/main/java/org/apache/ignite/internal/jdbc/ConnectionProperties.java
 
b/modules/jdbc/src/main/java/org/apache/ignite/internal/jdbc/ConnectionProperties.java
index d81a3095df..fbc1f319f8 100644
--- 
a/modules/jdbc/src/main/java/org/apache/ignite/internal/jdbc/ConnectionProperties.java
+++ 
b/modules/jdbc/src/main/java/org/apache/ignite/internal/jdbc/ConnectionProperties.java
@@ -184,13 +184,6 @@ public interface ConnectionProperties {
      */
     void setTrustStorePassword(String password);
 
-    /**
-     * Set keystore type. For example, PKSC12 or JKS.
-     *
-     * @param type Truststore type.
-     */
-    void setTrustStoreType(String type);
-
     /**
      * Trust store path.
      *
@@ -205,20 +198,6 @@ public interface ConnectionProperties {
      */
     String getTrustStorePassword();
 
-    /**
-     * Truststore type.
-     *
-     * @return Truststore type.
-     */
-    String getTrustStoreType();
-
-    /**
-     * Set keystore type. For example, PKSC12 or JKS.
-     *
-     * @param type Keystore type.
-     */
-    void setKeyStoreType(String type);
-
     /**
      * Set key store path that will be used to setup SSL connection.
      *
@@ -247,13 +226,6 @@ public interface ConnectionProperties {
      */
     String getKeyStorePassword();
 
-    /**
-     * Keystore type.
-     *
-     * @return Keytore type.
-     */
-    String getKeyStoreType();
-
     /**
      * Basic authentication username.
      *
diff --git 
a/modules/jdbc/src/main/java/org/apache/ignite/internal/jdbc/ConnectionPropertiesImpl.java
 
b/modules/jdbc/src/main/java/org/apache/ignite/internal/jdbc/ConnectionPropertiesImpl.java
index c3cfea3a63..164638a482 100644
--- 
a/modules/jdbc/src/main/java/org/apache/ignite/internal/jdbc/ConnectionPropertiesImpl.java
+++ 
b/modules/jdbc/src/main/java/org/apache/ignite/internal/jdbc/ConnectionPropertiesImpl.java
@@ -89,10 +89,6 @@ public class ConnectionPropertiesImpl implements 
ConnectionProperties, Serializa
     private final StringProperty trustStorePassword = new 
StringProperty("trustStorePassword",
             "Trust store password", null, null, false, null);
 
-    /** Type of the truststore. */
-    private final StringProperty trustStoreType = new 
StringProperty("trustStoreType",
-            "Type of the trust store", "PKCS12", null, false, null);
-
     /** Path to the keystore. */
     private final StringProperty keyStorePath = new 
StringProperty("keyStorePath",
             "Path to key store", null, null, false, null);
@@ -101,10 +97,6 @@ public class ConnectionPropertiesImpl implements 
ConnectionProperties, Serializa
     private final StringProperty keyStorePassword = new 
StringProperty("keyStorePassword",
             "Key store password", null, null, false, null);
 
-    /** Type of the keystore. */
-    private final StringProperty keyStoreType = new 
StringProperty("keyStoreType",
-            "Type of the key store", "PKCS12", null, false, null);
-
     /** SSL client authentication. */
     private final StringProperty clientAuth = new StringProperty("clientAuth",
             "SSL client authentication", "none", clientAuthValues(), false, 
null);
@@ -136,8 +128,8 @@ public class ConnectionPropertiesImpl implements 
ConnectionProperties, Serializa
 
     /** Properties array. */
     private final ConnectionProperty[] propsArray = {
-            qryTimeout, connTimeout, trustStorePath, trustStorePassword, 
trustStoreType,
-            sslEnabled, clientAuth, ciphers, keyStorePath, keyStorePassword, 
keyStoreType,
+            qryTimeout, connTimeout, trustStorePath, trustStorePassword,
+            sslEnabled, clientAuth, ciphers, keyStorePath, keyStorePassword,
             basicAuthenticationUsername, basicAuthenticationPassword
     };
 
@@ -275,18 +267,6 @@ public class ConnectionPropertiesImpl implements 
ConnectionProperties, Serializa
         return trustStorePassword.value();
     }
 
-    /** {@inheritDoc} */
-    @Override
-    public String getTrustStoreType() {
-        return trustStoreType.value();
-    }
-
-    /** {@inheritDoc} */
-    @Override
-    public void setKeyStoreType(String type) {
-        keyStoreType.setValue(type);
-    }
-
     /** {@inheritDoc} */
     @Override
     public void setKeyStorePath(String keyStorePath) {
@@ -311,18 +291,6 @@ public class ConnectionPropertiesImpl implements 
ConnectionProperties, Serializa
         return keyStorePassword.value();
     }
 
-    /** {@inheritDoc} */
-    @Override
-    public String getKeyStoreType() {
-        return keyStoreType.value();
-    }
-
-    /** {@inheritDoc} */
-    @Override
-    public void setTrustStoreType(String type) {
-        trustStoreType.setValue(type);
-    }
-
     /** {@inheritDoc} */
     @Override
     public boolean isSslEnabled() {
diff --git 
a/modules/jdbc/src/main/java/org/apache/ignite/internal/jdbc/JdbcConnection.java
 
b/modules/jdbc/src/main/java/org/apache/ignite/internal/jdbc/JdbcConnection.java
index a848766a90..c6b7fed16d 100644
--- 
a/modules/jdbc/src/main/java/org/apache/ignite/internal/jdbc/JdbcConnection.java
+++ 
b/modules/jdbc/src/main/java/org/apache/ignite/internal/jdbc/JdbcConnection.java
@@ -218,12 +218,10 @@ public class JdbcConnection implements Connection {
         if (connProps.isSslEnabled()) {
             return SslConfiguration.builder()
                     .enabled(true)
-                    .trustStoreType(connProps.getTrustStoreType())
                     .trustStorePath(connProps.getTrustStorePath())
                     .trustStorePassword(connProps.getTrustStorePassword())
                     .clientAuth(connProps.getClientAuth())
                     .ciphers(connProps.getCiphers())
-                    .keyStoreType(connProps.getKeyStoreType())
                     .keyStorePath(connProps.getKeyStorePath())
                     .keyStorePassword(connProps.getKeyStorePassword())
                     .build();
diff --git 
a/modules/runner/src/integrationTest/java/org/apache/ignite/internal/ssl/ItSslTest.java
 
b/modules/runner/src/integrationTest/java/org/apache/ignite/internal/ssl/ItSslTest.java
index c954317b9b..2410d4771a 100644
--- 
a/modules/runner/src/integrationTest/java/org/apache/ignite/internal/ssl/ItSslTest.java
+++ 
b/modules/runner/src/integrationTest/java/org/apache/ignite/internal/ssl/ItSslTest.java
@@ -123,7 +123,6 @@ public class ItSslTest extends IgniteIntegrationTest {
             var sslConfiguration =
                     SslConfiguration.builder()
                             .enabled(true)
-                            .trustStoreType("JKS")
                             .trustStorePath(trustStorePath)
                             .trustStorePassword(password)
                             .build();
@@ -231,7 +230,6 @@ public class ItSslTest extends IgniteIntegrationTest {
             var sslConfiguration =
                     SslConfiguration.builder()
                             .enabled(true)
-                            .trustStoreType("JKS")
                             .trustStorePath(trustStorePath)
                             .trustStorePassword(password)
                             .build();
@@ -307,7 +305,6 @@ public class ItSslTest extends IgniteIntegrationTest {
             var sslConfiguration =
                     SslConfiguration.builder()
                             .enabled(true)
-                            .trustStoreType("JKS")
                             .trustStorePath(trustStorePath)
                             .trustStorePassword(password)
                             .build();
@@ -328,7 +325,6 @@ public class ItSslTest extends IgniteIntegrationTest {
                     SslConfiguration.builder()
                             .enabled(true)
                             
.ciphers(List.of("TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"))
-                            .trustStoreType("JKS")
                             .trustStorePath(trustStorePath)
                             .trustStorePassword(password)
                             .build();
@@ -449,7 +445,6 @@ public class ItSslTest extends IgniteIntegrationTest {
             var sslConfiguration =
                     SslConfiguration.builder()
                             .enabled(true)
-                            .trustStoreType("JKS")
                             .trustStorePath(trustStorePath)
                             .trustStorePassword(password)
                             .build();
@@ -468,7 +463,6 @@ public class ItSslTest extends IgniteIntegrationTest {
             var sslConfiguration =
                     SslConfiguration.builder()
                             .enabled(true)
-                            .trustStoreType("JKS")
                             .trustStorePath(trustStorePath)
                             .trustStorePassword(password)
                             .clientAuth(REQUIRE)

Reply via email to