[knox] branch master updated: KNOX-1856 - Incorrect error message in case there is no 'gateway-identity' certificate in the configured keystore (#92)

krisden Wed, 22 May 2019 11:51:10 -0700

This is an automated email from the ASF dual-hosted git repository.

krisden pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/knox.git



The following commit(s) were added to refs/heads/master by this push:
     new 3f657ba  KNOX-1856 - Incorrect error message in case there is no 
'gateway-identity' certificate in the configured keystore (#92)
3f657ba is described below

commit 3f657bab2fd9887ffb45c9edded6b76b9f55e976
Author: Sandor Molnar <[email protected]>
AuthorDate: Wed May 22 19:13:22 2019 +0200

    KNOX-1856 - Incorrect error message in case there is no 'gateway-identity' 
certificate in the configured keystore (#92)
---
 .../knox/gateway/services/security/impl/JettySSLService.java       | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git 
a/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/JettySSLService.java
 
b/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/JettySSLService.java
index b705922..31d718a 100644
--- 
a/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/JettySSLService.java
+++ 
b/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/JettySSLService.java
@@ -99,8 +99,9 @@ public class JettySSLService implements SSLService {
   private void logAndValidateCertificate(GatewayConfig config) throws 
ServiceLifecycleException {
     // let's log the hostname (CN) and cert expiry from the gateway's public 
cert to aid in SSL debugging
     Certificate cert;
+    final String identityKeyAlias = config.getIdentityKeyAlias();
     try {
-      cert = as.getCertificateForGateway(config.getIdentityKeyAlias());
+      cert = as.getCertificateForGateway(identityKeyAlias);
     } catch (AliasServiceException e) {
       throw new ServiceLifecycleException("Cannot Retreive Gateway SSL 
Certificate. Server will not start.", e);
     }
@@ -122,10 +123,10 @@ public class JettySSLService implements SSLService {
           throw new ServiceLifecycleException("Gateway SSL Certificate is not 
yet valid. Server will not start.", e);
         }
       } else {
-        throw new ServiceLifecycleException("Public certificate for the 
gateway cannot be found with the alias gateway-identity. Plase check the 
identity certificate alias.");
+        throw new ServiceLifecycleException("Public certificate for the 
gateway is not of the expected type of  . Something is wrong with the gateway 
keystore.");
       }
     } else {
-      throw new ServiceLifecycleException("Public certificate for the gateway 
is not of the expected type of X509Certificate. Something is wrong with the 
gateway keystore.");
+      throw new ServiceLifecycleException("Public certificate for the gateway 
cannot be found with the alias " + identityKeyAlias + ". Please check the 
identity certificate alias.");
     }
   }

[knox] branch master updated: KNOX-1856 - Incorrect error message in case there is no 'gateway-identity' certificate in the configured keystore (#92)

Reply via email to