This is an automated email from the ASF dual-hosted git repository. jfclere pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/master by this push: new 7988d73 Read all the certificates from /var/run/secrets/kubernetes.io/serviceaccount/ca.crt and add them. 7988d73 is described below commit 7988d7313c04080dc9989f003a3c480b4ff4234a Author: Jean-Frederic Clere <jfcl...@gmail.com> AuthorDate: Fri Jul 26 10:31:07 2019 +0200 Read all the certificates from /var/run/secrets/kubernetes.io/serviceaccount/ca.crt and add them. --- .../tribes/membership/cloud/AbstractStreamProvider.java | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/java/org/apache/catalina/tribes/membership/cloud/AbstractStreamProvider.java b/java/org/apache/catalina/tribes/membership/cloud/AbstractStreamProvider.java index a3da2d7..1aa68bf 100644 --- a/java/org/apache/catalina/tribes/membership/cloud/AbstractStreamProvider.java +++ b/java/org/apache/catalina/tribes/membership/cloud/AbstractStreamProvider.java @@ -28,6 +28,8 @@ import java.security.KeyStore; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; +import java.util.Collection; +import java.util.Iterator; import java.util.Map; import javax.net.ssl.HttpsURLConnection; @@ -113,13 +115,17 @@ public abstract class AbstractStreamProvider implements StreamProvider { if (caCertFile != null) { try (InputStream pemInputStream = new BufferedInputStream(new FileInputStream(caCertFile))) { CertificateFactory certFactory = CertificateFactory.getInstance("X509"); - X509Certificate cert = (X509Certificate)certFactory.generateCertificate(pemInputStream); KeyStore trustStore = KeyStore.getInstance("JKS"); trustStore.load(null); - String alias = cert.getSubjectX500Principal().getName(); - trustStore.setCertificateEntry(alias, cert); + Collection c = certFactory.generateCertificates(pemInputStream); + Iterator i = c.iterator(); + while (i.hasNext()) { + X509Certificate cert = (X509Certificate)i.next(); + String alias = cert.getSubjectX500Principal().getName(); + trustStore.setCertificateEntry(alias, cert); + } TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); trustManagerFactory.init(trustStore); --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org