Hi,
 I think this problem would have been well discussed. I tried looking this 
up in the forums but couldn't find an answer.
 I'm using Tomcat 5.0.28 and JRE 1.5 and trying to override the default 
TrustManager with my own. I have written the following SSLImplementation.
 The problem here is that even when getAcceptedIssuers is being called, 
the checkClientTrusted method is not being called! I'm returning null from 
getAcceptedIssuers so that it accepts all issuers.
What am I doing wrong?
 
import java.net.Socket;

import org.apache.tomcat.util.compat.JdkCompat;
import org.apache.tomcat.util.net.SSLSupport;
import org.apache.tomcat.util.net.ServerSocketFactory;
import org.apache.tomcat.util.net.jsse.JSSEImplementation;

public class MySSLImplementation extends JSSEImplementation
{

    MyServerSocketFactory myServerSocketFactory;
    static boolean usingMyServerSocketFactory = false;
    static final String SSLSocketClass = "javax.net.ssl.SSLSocket";

    public MySSLImplementation() throws ClassNotFoundException {
        super();
        System.out.println("This class has been called. Yippy!");
        // Fail early if JSSE is not on the classpath
        Class.forName(SSLSocketClass);
        if( JdkCompat.isJava14() )
        {
            myServerSocketFactory = new MyServerSocketFactory();
            usingMyServerSocketFactory = true;
        }
    }

    public String getImplementationName() {
        return super.getImplementationName();
    }

    // Hand out the custom factory (and with it the custom TrustManager) when available
    public ServerSocketFactory getServerSocketFactory() {
        if (usingMyServerSocketFactory)
            return myServerSocketFactory;
        else
            return super.getServerSocketFactory();
    }

    public SSLSupport getSSLSupport(Socket arg0) {
        return super.getSSLSupport(arg0);
    }

}

Here is my ServerSocketFactory

import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

import org.apache.tomcat.util.net.jsse.JSSE14SocketFactory;

public class MyServerSocketFactory extends JSSE14SocketFactory {

    public MyServerSocketFactory()
    {
        super();
    }

    /**
     * Gets the initialized trust managers.
     */
    protected TrustManager[] getTrustManagers(String keystoreType, String algorithm)
            throws Exception {

        // Replace the keystore-backed trust managers with the custom one
        X509TrustManager tm = new MyX509TrustManager();
        TrustManager tms[] = {tm};
        System.out.println("Getting trust managers");
        System.out.println("Keystore type:" + keystoreType);
        System.out.println("Algorithm:" + algorithm);

        return tms;
    }
}

And finally, here is my TrustManager:

import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.X509TrustManager;

class MyX509TrustManager implements X509TrustManager {

    X509TrustManager sunX509TrustManager;

    // Prints every certificate in the client chain; never throws, so nothing is rejected
    public void checkClientTrusted(X509Certificate[] chain, String authType)
            throws CertificateException {
        System.out.println("->DummyTrustManager:checkClientTrusted()");
        for (int c = 0; c < chain.length; c++) {
            X509Certificate cert = chain[c];
            System.out.println(" Client certificate " + (c + 1) + ":");
            System.out.println(" Subject DN: " + cert.getSubjectDN());
            System.out.println(" Signature Algorithm: " + cert.getSigAlgName());
            System.out.println(" Valid from: " + cert.getNotBefore());
            System.out.println(" Valid until: " + cert.getNotAfter());
            System.out.println(" Issuer: " + cert.getIssuerDN());
        }
    }

    public void checkServerTrusted(X509Certificate[] chain, String authType)
            throws CertificateException {
        System.out.println("->DummyTrustManager:checkServerTrusted()");
    }

    public X509Certificate[] getAcceptedIssuers() {
        System.out.println("->DummyTrustManager:getAcceptedIssuers()");
        throw new RuntimeException("Problematic area");
        //return null;
    }

}
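
An added example, not part of the original post: a trust manager that logs the client chain as above but then delegates the trust decision to the JRE's default X509TrustManager instead of accepting every certificate. The class name LoggingDelegatingTrustManager is hypothetical, and the use of the JRE default trust store is an assumption; an instance could be returned from a getTrustManagers override like the one in the post.

```java
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

// Hypothetical class: logs each client certificate, then lets the platform validate it.
public class LoggingDelegatingTrustManager implements X509TrustManager {

    private final X509TrustManager delegate;

    public LoggingDelegatingTrustManager() throws Exception {
        TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init((KeyStore) null); // assumption: null selects the JRE default trust store
        X509TrustManager found = null;
        TrustManager[] tms = tmf.getTrustManagers();
        for (int i = 0; i < tms.length && found == null; i++) {
            if (tms[i] instanceof X509TrustManager) found = (X509TrustManager) tms[i];
        }
        if (found == null) throw new IllegalStateException("no X509TrustManager available");
        delegate = found;
    }

    public void checkClientTrusted(X509Certificate[] chain, String authType)
            throws CertificateException {
        if (chain == null || chain.length == 0) {
            throw new CertificateException("empty client certificate chain");
        }
        for (int c = 0; c < chain.length; c++) {
            System.out.println("client cert " + (c + 1)
                + ": subject=" + chain[c].getSubjectX500Principal()
                + ", issuer=" + chain[c].getIssuerX500Principal());
        }
        delegate.checkClientTrusted(chain, authType); // throws if the chain is not trusted
    }

    public void checkServerTrusted(X509Certificate[] chain, String authType)
            throws CertificateException {
        delegate.checkServerTrusted(chain, authType);
    }

    // The X509TrustManager contract asks for a non-null (possibly empty) array here.
    public X509Certificate[] getAcceptedIssuers() {
        return delegate.getAcceptedIssuers();
    }
}
```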
