[
https://issues.apache.org/jira/browse/JCR-4799?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17561445#comment-17561445
]
Konrad Windszus edited comment on JCR-4799 at 7/1/22 4:52 PM:
--------------------------------------------------------------
I updated the patch to separate into tests into IT and UT, reverted back to
throwing checked {{RepositoryException}} only in the {{RepositoryServiceImpl}}
constructor and made the IT conditional: [^jackrabbit-spi2dav-systemv3.patch]
with the additional binary [^emptyPKCS12.keystore] required at
{{jackrabbit-spi2dav/src/test/resources/org/apache/jackrabbit/spi2dav/emptyPKCS12.keystore}}
was (Author: kwin):
I updated the patch to separate into tests into IT and UT, reverted back to
throwing checked {{RepositoryException}} only in the {{RepositoryServiceImpl}}
constructor and made the IT conditional: [^jackrabbit-spi2dav-systemv3.patch]
> jackrabbit.client.useSystemProperties undone by SSL config: client
> certificates no longer work
> ----------------------------------------------------------------------------------------------
>
> Key: JCR-4799
> URL: https://issues.apache.org/jira/browse/JCR-4799
> Project: Jackrabbit Content Repository
> Issue Type: Bug
> Components: jackrabbit-spi2dav
> Affects Versions: 2.20.5
> Reporter: Graham Leggett
> Assignee: Konrad Windszus
> Priority: Major
> Fix For: 2.22
>
> Attachments: emptyPKCS12.keystore, jackrabbit-spi2dav-system.patch,
> jackrabbit-spi2dav-systemv2.patch, jackrabbit-spi2dav-systemv3.patch
>
>
> When jackrabbit.client.useSystemProperties is used in an effort to make
> java.net.ssl.* constants work, this is undone by the explicit initialisation
> of SSL.
> As a result, client certificates no longer work, and control over SSL
> parameters like protocol, etc is lost.
> The fix is to use the SSLConnectionSocketFactory.getSystemSocketFactory()
> constructor in the system properties case.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
