This is an automated email from the ASF dual-hosted git repository.
apkhmv pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/ignite-3.git
The following commit(s) were added to refs/heads/main by this push:
new 2d34d76f1f IGNITE-19346 Allow using default trust store in client
connections (#1971)
2d34d76f1f is described below
commit 2d34d76f1f9112141cc82b8908bc72c5e5bffddc
Author: Vadim Pakhnushev <[email protected]>
AuthorDate: Thu Apr 27 15:14:06 2023 +0300
IGNITE-19346 Allow using default trust store in client connections (#1971)
---
.../ignite/internal/cli/config/CliConfigKeys.java | 6 ++++
.../ignite/internal/cli/core/JdbcUrlFactory.java | 14 +++++++--
.../internal/cli/core/rest/ApiClientFactory.java | 2 +-
.../internal/cli/core/JdbcUrlFactoryTest.java | 18 +++++++++++
.../org/apache/ignite/client/SslConfiguration.java | 6 ----
.../internal/client/SslConfigurationBuilder.java | 31 ++-----------------
.../internal/client/SslConfigurationImpl.java | 21 +------------
.../io/netty/NettyClientConnectionMultiplexer.java | 33 ++++++++------------
.../ignite/internal/jdbc/ConnectionProperties.java | 28 -----------------
.../internal/jdbc/ConnectionPropertiesImpl.java | 36 ++--------------------
.../ignite/internal/jdbc/JdbcConnection.java | 2 --
.../org/apache/ignite/internal/ssl/ItSslTest.java | 6 ----
12 files changed, 53 insertions(+), 150 deletions(-)
diff --git
a/modules/cli/src/main/java/org/apache/ignite/internal/cli/config/CliConfigKeys.java
b/modules/cli/src/main/java/org/apache/ignite/internal/cli/config/CliConfigKeys.java
index a0dac921fa..6f3d0ad599 100644
---
a/modules/cli/src/main/java/org/apache/ignite/internal/cli/config/CliConfigKeys.java
+++
b/modules/cli/src/main/java/org/apache/ignite/internal/cli/config/CliConfigKeys.java
@@ -45,6 +45,9 @@ public enum CliConfigKeys {
/** Default JDBC URL property name. */
JDBC_URL(Constants.JDBC_URL),
+ /** JDBC SSL enabled property name. */
+ JDBC_SSL_ENABLED(Constants.JDBC_SSL_ENABLED),
+
/** JDBC trust store path property name. */
JDBC_TRUST_STORE_PATH(Constants.JDBC_TRUST_STORE_PATH),
@@ -81,6 +84,7 @@ public enum CliConfigKeys {
REST_KEY_STORE_PATH,
REST_TRUST_STORE_PASSWORD,
REST_TRUST_STORE_PATH,
+ JDBC_SSL_ENABLED,
JDBC_KEY_STORE_PASSWORD,
JDBC_KEY_STORE_PATH,
JDBC_TRUST_STORE_PASSWORD,
@@ -110,6 +114,8 @@ public enum CliConfigKeys {
public static final String JDBC_URL = "ignite.jdbc-url";
+ public static final String JDBC_SSL_ENABLED =
"ignite.jdbc.ssl-enabled";
+
public static final String JDBC_TRUST_STORE_PATH =
"ignite.jdbc.trust-store.path";
public static final String JDBC_TRUST_STORE_PASSWORD =
"ignite.jdbc.trust-store.password";
diff --git
a/modules/cli/src/main/java/org/apache/ignite/internal/cli/core/JdbcUrlFactory.java
b/modules/cli/src/main/java/org/apache/ignite/internal/cli/core/JdbcUrlFactory.java
index 64b0547a8b..7403bf8f06 100644
---
a/modules/cli/src/main/java/org/apache/ignite/internal/cli/core/JdbcUrlFactory.java
+++
b/modules/cli/src/main/java/org/apache/ignite/internal/cli/core/JdbcUrlFactory.java
@@ -22,6 +22,7 @@ import static
org.apache.ignite.internal.cli.config.CliConfigKeys.BASIC_AUTHENTI
import static
org.apache.ignite.internal.cli.config.CliConfigKeys.JDBC_CLIENT_AUTH;
import static
org.apache.ignite.internal.cli.config.CliConfigKeys.JDBC_KEY_STORE_PASSWORD;
import static
org.apache.ignite.internal.cli.config.CliConfigKeys.JDBC_KEY_STORE_PATH;
+import static
org.apache.ignite.internal.cli.config.CliConfigKeys.JDBC_SSL_ENABLED;
import static
org.apache.ignite.internal.cli.config.CliConfigKeys.JDBC_TRUST_STORE_PASSWORD;
import static
org.apache.ignite.internal.cli.config.CliConfigKeys.JDBC_TRUST_STORE_PATH;
@@ -74,9 +75,7 @@ public class JdbcUrlFactory {
addIfSet(queryParams, JDBC_KEY_STORE_PATH, "keyStorePath");
addIfSet(queryParams, JDBC_KEY_STORE_PASSWORD, "keyStorePassword");
addIfSet(queryParams, JDBC_CLIENT_AUTH, "clientAuth");
- if (!queryParams.isEmpty()) {
- queryParams.add(0, "sslEnabled=true");
- }
+ addSslEnabledIfNeeded(queryParams);
addIfSet(queryParams, BASIC_AUTHENTICATION_USERNAME,
"basicAuthenticationUsername");
addIfSet(queryParams, BASIC_AUTHENTICATION_PASSWORD,
"basicAuthenticationPassword");
if (!queryParams.isEmpty()) {
@@ -88,6 +87,15 @@ public class JdbcUrlFactory {
}
}
+ private void addSslEnabledIfNeeded(List<String> queryParams) {
+ String sslEnabled =
configManagerProvider.get().getCurrentProperty(JDBC_SSL_ENABLED.value());
+ if (sslEnabled != null) {
+ queryParams.add(0, "sslEnabled=" + sslEnabled);
+ } else if (!queryParams.isEmpty()) {
+ queryParams.add(0, "sslEnabled=true");
+ }
+ }
+
private void addIfSet(List<String> queryParams, CliConfigKeys key, String
property) {
ConfigManager configManager = configManagerProvider.get();
String value = configManager.getCurrentProperty(key.value());
diff --git
a/modules/cli/src/main/java/org/apache/ignite/internal/cli/core/rest/ApiClientFactory.java
b/modules/cli/src/main/java/org/apache/ignite/internal/cli/core/rest/ApiClientFactory.java
index 98e5a70590..5357a74d69 100644
---
a/modules/cli/src/main/java/org/apache/ignite/internal/cli/core/rest/ApiClientFactory.java
+++
b/modules/cli/src/main/java/org/apache/ignite/internal/cli/core/rest/ApiClientFactory.java
@@ -156,7 +156,7 @@ public class ApiClientFactory {
} else {
char[] password = settings.keyStorePassword() == null ? null :
settings.keyStorePassword().toCharArray();
KeyStore keyStore = KeyStore.getInstance(new
File(settings.keyStorePath()), password);
- keyManagerFactory.init(keyStore,
settings.keyStorePassword().toCharArray());
+ keyManagerFactory.init(keyStore, password);
}
return keyManagerFactory;
diff --git
a/modules/cli/src/test/java/org/apache/ignite/internal/cli/core/JdbcUrlFactoryTest.java
b/modules/cli/src/test/java/org/apache/ignite/internal/cli/core/JdbcUrlFactoryTest.java
index 9d290da6a5..1eb1e41dc7 100644
---
a/modules/cli/src/test/java/org/apache/ignite/internal/cli/core/JdbcUrlFactoryTest.java
+++
b/modules/cli/src/test/java/org/apache/ignite/internal/cli/core/JdbcUrlFactoryTest.java
@@ -24,6 +24,7 @@ import static
org.apache.ignite.internal.cli.commands.cliconfig.TestConfigManage
import static org.junit.jupiter.api.Assertions.assertEquals;
import
org.apache.ignite.internal.cli.commands.cliconfig.TestConfigManagerProvider;
+import org.apache.ignite.internal.cli.config.CliConfigKeys;
import org.junit.jupiter.api.Test;
class JdbcUrlFactoryTest {
@@ -56,6 +57,23 @@ class JdbcUrlFactoryTest {
assertEquals(expectedJdbcUrl, jdbcUrl);
}
+ @Test
+ void withSslEnabledExplicitly() {
+ // Given config with JDBC SSL enabled and ssl-enabled set to true in
the config explicitly
+ configManagerProvider.setConfigFile(createIntegrationTestsConfig(),
createJdbcTestsSslSecretConfig());
+
configManagerProvider.configManager.setProperty(CliConfigKeys.JDBC_SSL_ENABLED.value(),
"true");
+
+ // Then JDBC URL is constructed with SSL settings
+ String jdbcUrl =
factory.constructJdbcUrl("{clientConnector:{port:10800}}",
"http://localhost:10300");
+ String expectedJdbcUrl = "jdbc:ignite:thin://localhost:10800"
+ + "?sslEnabled=true"
+ + "&trustStorePath=ssl/truststore.jks"
+ + "&trustStorePassword=changeit"
+ + "&keyStorePath=ssl/keystore.p12"
+ + "&keyStorePassword=changeit";
+ assertEquals(expectedJdbcUrl, jdbcUrl);
+ }
+
@Test
void withBasic() {
// Given config with basic authentication enabled
diff --git
a/modules/client/src/main/java/org/apache/ignite/client/SslConfiguration.java
b/modules/client/src/main/java/org/apache/ignite/client/SslConfiguration.java
index 075aa82829..9018ada1f7 100644
---
a/modules/client/src/main/java/org/apache/ignite/client/SslConfiguration.java
+++
b/modules/client/src/main/java/org/apache/ignite/client/SslConfiguration.java
@@ -37,18 +37,12 @@ public interface SslConfiguration {
/** Keystore password that will be used to setup the SSL connection. */
@Nullable String keyStorePassword();
- /** Keystore type that will be used to setup the SSL connection. */
- String keyStoreType();
-
/** Truststore path that will be used to setup the SSL connection. */
@Nullable String trustStorePath();
/** Truststore password that will be used to setup the SSL connection. */
@Nullable String trustStorePassword();
- /** Truststore type that will be used to setup the SSL connection. */
- String trustStoreType();
-
/** SSL configuration builder. */
static SslConfigurationBuilder builder() {
return new SslConfigurationBuilder();
diff --git
a/modules/client/src/main/java/org/apache/ignite/internal/client/SslConfigurationBuilder.java
b/modules/client/src/main/java/org/apache/ignite/internal/client/SslConfigurationBuilder.java
index 5f69dc6264..2b23e0f591 100644
---
a/modules/client/src/main/java/org/apache/ignite/internal/client/SslConfigurationBuilder.java
+++
b/modules/client/src/main/java/org/apache/ignite/internal/client/SslConfigurationBuilder.java
@@ -23,7 +23,6 @@ import org.jetbrains.annotations.Nullable;
/** SSL configuration builder. */
public class SslConfigurationBuilder {
- private static final String DEFAULT_KEYSTORE_TYPE = "PKCS12";
private boolean enabled = false;
@@ -35,14 +34,10 @@ public class SslConfigurationBuilder {
private @Nullable String keyStorePassword;
- private String keyStoreType = DEFAULT_KEYSTORE_TYPE;
-
private @Nullable String trustStorePath;
private @Nullable String trustStorePassword;
- private String trustStoreType = DEFAULT_KEYSTORE_TYPE;
-
/** Enabled/disabled setter. */
public SslConfigurationBuilder enabled(boolean enabled) {
this.enabled = enabled;
@@ -78,17 +73,6 @@ public class SslConfigurationBuilder {
return this;
}
- /** Keystore type setter. If set to {@code null} then the default PKCS12
type is used. */
- public SslConfigurationBuilder keyStoreType(@Nullable String keyStoreType)
{
- if (keyStoreType == null) {
- this.keyStoreType = DEFAULT_KEYSTORE_TYPE;
- return this;
- }
-
- this.keyStoreType = keyStoreType;
- return this;
- }
-
/** Truststore path setter. */
public SslConfigurationBuilder trustStorePath(@Nullable String
trustStorePath) {
this.trustStorePath = trustStorePath;
@@ -101,23 +85,12 @@ public class SslConfigurationBuilder {
return this;
}
- /** Truststore type setter. If set to {@code null} then the default PKCS12
type is used. */
- public SslConfigurationBuilder trustStoreType(@Nullable String
trustStoreType) {
- if (trustStoreType == null) {
- this.trustStoreType = DEFAULT_KEYSTORE_TYPE;
- return this;
- }
-
- this.trustStoreType = trustStoreType;
- return this;
- }
-
/** Build SslConfiguration instance. */
public SslConfiguration build() {
return new SslConfigurationImpl(
enabled, clientAuth, ciphers,
- keyStorePath, keyStorePassword, keyStoreType,
- trustStorePath, trustStorePassword, trustStoreType
+ keyStorePath, keyStorePassword,
+ trustStorePath, trustStorePassword
);
}
}
diff --git
a/modules/client/src/main/java/org/apache/ignite/internal/client/SslConfigurationImpl.java
b/modules/client/src/main/java/org/apache/ignite/internal/client/SslConfigurationImpl.java
index a38eaa8e2f..2d64acfa8e 100644
---
a/modules/client/src/main/java/org/apache/ignite/internal/client/SslConfigurationImpl.java
+++
b/modules/client/src/main/java/org/apache/ignite/internal/client/SslConfigurationImpl.java
@@ -33,14 +33,10 @@ public class SslConfigurationImpl implements
SslConfiguration {
private final @Nullable String keyStorePassword;
- private final String keyStoreType;
-
private final @Nullable String trustStorePath;
private final @Nullable String trustStorePassword;
- private final String trustStoreType;
-
/** Main constructor. */
SslConfigurationImpl(
boolean enabled,
@@ -48,20 +44,16 @@ public class SslConfigurationImpl implements
SslConfiguration {
@Nullable Iterable<String> ciphers,
@Nullable String keyStorePath,
@Nullable String keyStorePassword,
- String keyStoreType,
@Nullable String trustStorePath,
- @Nullable String trustStorePassword,
- String trustStoreType
+ @Nullable String trustStorePassword
) {
this.enabled = enabled;
this.clientAuth = clientAuth;
this.ciphers = ciphers;
this.keyStorePath = keyStorePath;
this.keyStorePassword = keyStorePassword;
- this.keyStoreType = keyStoreType;
this.trustStorePath = trustStorePath;
this.trustStorePassword = trustStorePassword;
- this.trustStoreType = trustStoreType;
}
/** {@inheritDoc} */
@@ -93,12 +85,6 @@ public class SslConfigurationImpl implements
SslConfiguration {
return keyStorePassword;
}
- /** {@inheritDoc} */
- @Override
- public String keyStoreType() {
- return keyStoreType;
- }
-
/** {@inheritDoc} */
@Override
public @Nullable String trustStorePath() {
@@ -111,9 +97,4 @@ public class SslConfigurationImpl implements
SslConfiguration {
return trustStorePassword;
}
- /** {@inheritDoc} */
- @Override
- public String trustStoreType() {
- return trustStoreType;
- }
}
diff --git
a/modules/client/src/main/java/org/apache/ignite/internal/client/io/netty/NettyClientConnectionMultiplexer.java
b/modules/client/src/main/java/org/apache/ignite/internal/client/io/netty/NettyClientConnectionMultiplexer.java
index ee4b1fdbb8..fa4264b08a 100644
---
a/modules/client/src/main/java/org/apache/ignite/internal/client/io/netty/NettyClientConnectionMultiplexer.java
+++
b/modules/client/src/main/java/org/apache/ignite/internal/client/io/netty/NettyClientConnectionMultiplexer.java
@@ -29,11 +29,9 @@ import io.netty.channel.socket.nio.NioSocketChannel;
import io.netty.handler.ssl.ClientAuth;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslContextBuilder;
+import java.io.File;
import java.io.IOException;
-import java.io.InputStream;
import java.net.InetSocketAddress;
-import java.nio.file.Files;
-import java.nio.file.Path;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
@@ -124,38 +122,31 @@ public class NettyClientConnectionMultiplexer implements
ClientConnectionMultipl
private static KeyManagerFactory loadKeyManagerFactory(SslConfiguration
ssl)
throws KeyStoreException, IOException, NoSuchAlgorithmException,
CertificateException, UnrecoverableKeyException {
- KeyStore ks = KeyStore.getInstance(ssl.keyStoreType());
+ KeyManagerFactory keyManagerFactory =
KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
- char[] ksPassword = ssl.keyStorePassword() == null ? null :
ssl.keyStorePassword().toCharArray();
if (ssl.keyStorePath() != null) {
- try (InputStream is =
Files.newInputStream(Path.of(ssl.keyStorePath()))) {
- ks.load(is, ksPassword);
- }
+ char[] ksPassword = ssl.keyStorePassword() == null ? null :
ssl.keyStorePassword().toCharArray();
+ KeyStore ks = KeyStore.getInstance(new File(ssl.keyStorePath()),
ksPassword);
+ keyManagerFactory.init(ks, ksPassword);
} else {
- ks.load(null, ksPassword);
+ keyManagerFactory.init(null, null);
}
- KeyManagerFactory keyManagerFactory =
KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
- keyManagerFactory.init(ks, ksPassword);
return keyManagerFactory;
}
private static TrustManagerFactory
loadTrustManagerFactory(SslConfiguration ssl)
throws KeyStoreException, IOException, NoSuchAlgorithmException,
CertificateException {
- KeyStore ts = KeyStore.getInstance(ssl.trustStoreType());
- char[] tsPassword = ssl.trustStorePassword() == null ? null :
ssl.trustStorePassword().toCharArray();
+ TrustManagerFactory trustManagerFactory =
TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+
if (ssl.trustStorePath() != null) {
- try (InputStream is =
Files.newInputStream(Path.of(ssl.trustStorePath()))) {
- ts.load(is, tsPassword);
- }
+ char[] tsPassword = ssl.trustStorePassword() == null ? null :
ssl.trustStorePassword().toCharArray();
+ KeyStore ts = KeyStore.getInstance(new File(ssl.trustStorePath()),
tsPassword);
+ trustManagerFactory.init(ts);
} else {
- ts.load(null, tsPassword);
+ trustManagerFactory.init((KeyStore) null);
}
- TrustManagerFactory trustManagerFactory =
TrustManagerFactory.getInstance(
- TrustManagerFactory.getDefaultAlgorithm()
- );
- trustManagerFactory.init(ts);
return trustManagerFactory;
}
diff --git
a/modules/jdbc/src/main/java/org/apache/ignite/internal/jdbc/ConnectionProperties.java
b/modules/jdbc/src/main/java/org/apache/ignite/internal/jdbc/ConnectionProperties.java
index d81a3095df..fbc1f319f8 100644
---
a/modules/jdbc/src/main/java/org/apache/ignite/internal/jdbc/ConnectionProperties.java
+++
b/modules/jdbc/src/main/java/org/apache/ignite/internal/jdbc/ConnectionProperties.java
@@ -184,13 +184,6 @@ public interface ConnectionProperties {
*/
void setTrustStorePassword(String password);
- /**
- * Set keystore type. For example, PKSC12 or JKS.
- *
- * @param type Truststore type.
- */
- void setTrustStoreType(String type);
-
/**
* Trust store path.
*
@@ -205,20 +198,6 @@ public interface ConnectionProperties {
*/
String getTrustStorePassword();
- /**
- * Truststore type.
- *
- * @return Truststore type.
- */
- String getTrustStoreType();
-
- /**
- * Set keystore type. For example, PKSC12 or JKS.
- *
- * @param type Keystore type.
- */
- void setKeyStoreType(String type);
-
/**
* Set key store path that will be used to setup SSL connection.
*
@@ -247,13 +226,6 @@ public interface ConnectionProperties {
*/
String getKeyStorePassword();
- /**
- * Keystore type.
- *
- * @return Keytore type.
- */
- String getKeyStoreType();
-
/**
* Basic authentication username.
*
diff --git
a/modules/jdbc/src/main/java/org/apache/ignite/internal/jdbc/ConnectionPropertiesImpl.java
b/modules/jdbc/src/main/java/org/apache/ignite/internal/jdbc/ConnectionPropertiesImpl.java
index c3cfea3a63..164638a482 100644
---
a/modules/jdbc/src/main/java/org/apache/ignite/internal/jdbc/ConnectionPropertiesImpl.java
+++
b/modules/jdbc/src/main/java/org/apache/ignite/internal/jdbc/ConnectionPropertiesImpl.java
@@ -89,10 +89,6 @@ public class ConnectionPropertiesImpl implements
ConnectionProperties, Serializa
private final StringProperty trustStorePassword = new
StringProperty("trustStorePassword",
"Trust store password", null, null, false, null);
- /** Type of the truststore. */
- private final StringProperty trustStoreType = new
StringProperty("trustStoreType",
- "Type of the trust store", "PKCS12", null, false, null);
-
/** Path to the keystore. */
private final StringProperty keyStorePath = new
StringProperty("keyStorePath",
"Path to key store", null, null, false, null);
@@ -101,10 +97,6 @@ public class ConnectionPropertiesImpl implements
ConnectionProperties, Serializa
private final StringProperty keyStorePassword = new
StringProperty("keyStorePassword",
"Key store password", null, null, false, null);
- /** Type of the keystore. */
- private final StringProperty keyStoreType = new
StringProperty("keyStoreType",
- "Type of the key store", "PKCS12", null, false, null);
-
/** SSL client authentication. */
private final StringProperty clientAuth = new StringProperty("clientAuth",
"SSL client authentication", "none", clientAuthValues(), false,
null);
@@ -136,8 +128,8 @@ public class ConnectionPropertiesImpl implements
ConnectionProperties, Serializa
/** Properties array. */
private final ConnectionProperty[] propsArray = {
- qryTimeout, connTimeout, trustStorePath, trustStorePassword,
trustStoreType,
- sslEnabled, clientAuth, ciphers, keyStorePath, keyStorePassword,
keyStoreType,
+ qryTimeout, connTimeout, trustStorePath, trustStorePassword,
+ sslEnabled, clientAuth, ciphers, keyStorePath, keyStorePassword,
basicAuthenticationUsername, basicAuthenticationPassword
};
@@ -275,18 +267,6 @@ public class ConnectionPropertiesImpl implements
ConnectionProperties, Serializa
return trustStorePassword.value();
}
- /** {@inheritDoc} */
- @Override
- public String getTrustStoreType() {
- return trustStoreType.value();
- }
-
- /** {@inheritDoc} */
- @Override
- public void setKeyStoreType(String type) {
- keyStoreType.setValue(type);
- }
-
/** {@inheritDoc} */
@Override
public void setKeyStorePath(String keyStorePath) {
@@ -311,18 +291,6 @@ public class ConnectionPropertiesImpl implements
ConnectionProperties, Serializa
return keyStorePassword.value();
}
- /** {@inheritDoc} */
- @Override
- public String getKeyStoreType() {
- return keyStoreType.value();
- }
-
- /** {@inheritDoc} */
- @Override
- public void setTrustStoreType(String type) {
- trustStoreType.setValue(type);
- }
-
/** {@inheritDoc} */
@Override
public boolean isSslEnabled() {
diff --git
a/modules/jdbc/src/main/java/org/apache/ignite/internal/jdbc/JdbcConnection.java
b/modules/jdbc/src/main/java/org/apache/ignite/internal/jdbc/JdbcConnection.java
index a848766a90..c6b7fed16d 100644
---
a/modules/jdbc/src/main/java/org/apache/ignite/internal/jdbc/JdbcConnection.java
+++
b/modules/jdbc/src/main/java/org/apache/ignite/internal/jdbc/JdbcConnection.java
@@ -218,12 +218,10 @@ public class JdbcConnection implements Connection {
if (connProps.isSslEnabled()) {
return SslConfiguration.builder()
.enabled(true)
- .trustStoreType(connProps.getTrustStoreType())
.trustStorePath(connProps.getTrustStorePath())
.trustStorePassword(connProps.getTrustStorePassword())
.clientAuth(connProps.getClientAuth())
.ciphers(connProps.getCiphers())
- .keyStoreType(connProps.getKeyStoreType())
.keyStorePath(connProps.getKeyStorePath())
.keyStorePassword(connProps.getKeyStorePassword())
.build();
diff --git
a/modules/runner/src/integrationTest/java/org/apache/ignite/internal/ssl/ItSslTest.java
b/modules/runner/src/integrationTest/java/org/apache/ignite/internal/ssl/ItSslTest.java
index c954317b9b..2410d4771a 100644
---
a/modules/runner/src/integrationTest/java/org/apache/ignite/internal/ssl/ItSslTest.java
+++
b/modules/runner/src/integrationTest/java/org/apache/ignite/internal/ssl/ItSslTest.java
@@ -123,7 +123,6 @@ public class ItSslTest extends IgniteIntegrationTest {
var sslConfiguration =
SslConfiguration.builder()
.enabled(true)
- .trustStoreType("JKS")
.trustStorePath(trustStorePath)
.trustStorePassword(password)
.build();
@@ -231,7 +230,6 @@ public class ItSslTest extends IgniteIntegrationTest {
var sslConfiguration =
SslConfiguration.builder()
.enabled(true)
- .trustStoreType("JKS")
.trustStorePath(trustStorePath)
.trustStorePassword(password)
.build();
@@ -307,7 +305,6 @@ public class ItSslTest extends IgniteIntegrationTest {
var sslConfiguration =
SslConfiguration.builder()
.enabled(true)
- .trustStoreType("JKS")
.trustStorePath(trustStorePath)
.trustStorePassword(password)
.build();
@@ -328,7 +325,6 @@ public class ItSslTest extends IgniteIntegrationTest {
SslConfiguration.builder()
.enabled(true)
.ciphers(List.of("TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"))
- .trustStoreType("JKS")
.trustStorePath(trustStorePath)
.trustStorePassword(password)
.build();
@@ -449,7 +445,6 @@ public class ItSslTest extends IgniteIntegrationTest {
var sslConfiguration =
SslConfiguration.builder()
.enabled(true)
- .trustStoreType("JKS")
.trustStorePath(trustStorePath)
.trustStorePassword(password)
.build();
@@ -468,7 +463,6 @@ public class ItSslTest extends IgniteIntegrationTest {
var sslConfiguration =
SslConfiguration.builder()
.enabled(true)
- .trustStoreType("JKS")
.trustStorePath(trustStorePath)
.trustStorePassword(password)
.clientAuth(REQUIRE)