[jira] [Updated] (HTTPCLIENT-1320) SSLSocketFactory.createSystemSSLContext causes java.security.UnrecoverableKeyException: Password verification failed

Abe Backus (JIRA) Fri, 08 Feb 2013 16:11:16 -0800

     [ 
https://issues.apache.org/jira/browse/HTTPCLIENT-1320?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Abe Backus updated HTTPCLIENT-1320:
-----------------------------------

    Attachment: HTTPCLIENT_1320.java

Sample code also attached. Note: This is reproducible when using the 
SystemDefaultHttpClient.


Desktop$ java -classpath 
.:org.apache.httpcomponents.httpcore_4.2.1.jar:org.apache.httpcomponents.httpclient_4.2.1.jar:commons-logging-1.1.1.jar
 -Djavax.net.ssl.trustStore=cacerts HTTPCLIENT_1320
executing request https://www.google.com/
Exception in thread "main" org.apache.http.conn.ssl.SSLInitializationException: 
Failure initializing default system SSL context
        at 
org.apache.http.conn.ssl.SSLSocketFactory.createSystemSSLContext(SSLSocketFactory.java:368)
        at 
org.apache.http.conn.ssl.SSLSocketFactory.getSystemSocketFactory(SSLSocketFactory.java:204)
        at 
org.apache.http.impl.conn.SchemeRegistryFactory.createSystemDefault(SchemeRegistryFactory.java:82)
        at 
org.apache.http.impl.client.SystemDefaultHttpClient.createClientConnectionManager(SystemDefaultHttpClient.java:118)
        at 
org.apache.http.impl.client.AbstractHttpClient.getConnectionManager(AbstractHttpClient.java:466)
        at HTTPCLIENT_1320.main(HTTPCLIENT_1320.java:26)
Caused by: java.io.IOException: Keystore was tampered with, or password was 
incorrect
        at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:771)
        at 
sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:38)
        at java.security.KeyStore.load(KeyStore.java:1185)
        at 
org.apache.http.conn.ssl.SSLSocketFactory.createSystemSSLContext(SSLSocketFactory.java:281)
        at 
org.apache.http.conn.ssl.SSLSocketFactory.createSystemSSLContext(SSLSocketFactory.java:366)
        ... 5 more
Caused by: java.security.UnrecoverableKeyException: Password verification failed
        at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:769)
        ... 9 more

                
> SSLSocketFactory.createSystemSSLContext causes 
> java.security.UnrecoverableKeyException: Password verification failed
> --------------------------------------------------------------------------------------------------------------------
>
>                 Key: HTTPCLIENT-1320
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1320
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpClient
>    Affects Versions: 4.2.2, 4.2.3, 4.2.4, 4.3 Alpha1, 4.3 Alpha2, 4.3 Final
>         Environment: Java System Property javax.net.ssl.trustStore is set, 
> but javax.net.ssl.trustStorePassword is not.
>            Reporter: Abe Backus
>         Attachments: HTTPCLIENT_1320.java, HTTPCLIENT-1320.patch
>
>
> When the Java System property "javax.net.ssl.trustStore" is specified, but 
> "javax.net.ssl.trustStorePassword" is not, requests are encountering the 
> exception listed below. This is reproducible in version 4.2.1 and looking at 
> the relevant code, it should also be reproducible in all other versions as 
> well.
> This appears to be fixed if the password value for loading the keystore falls 
> back to *null* instead of the empty string. I'm not sure if this problem also 
> exists with the "javax.net.ssl.keyStore" logic as well, but I suspect it does.
> The workaround is to set the "javax.net.ssl.trustStorePassword" 
> appropriately, assuming that you know the correct value.
> Caused by: java.io.IOException: Keystore was tampered with, or password was 
> incorrect
>       at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:771)
>       at 
> sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:38)
>       at java.security.KeyStore.load(KeyStore.java:1185)
>       at 
> org.apache.http.conn.ssl.SSLSocketFactory.createSystemSSLContext(SSLSocketFactory.java:281)
>       at 
> org.apache.http.conn.ssl.SSLSocketFactory.createSystemSSLContext(SSLSocketFactory.java:366)
>       ... 37 more
> Caused by: java.security.UnrecoverableKeyException: Password verification 
> failed
>       at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:769)
>       ... 41 more

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Updated] (HTTPCLIENT-1320) SSLSocketFactory.createSystemSSLContext causes java.security.UnrecoverableKeyException: Password verification failed

Reply via email to