Uploaded image for project: 'JBoss Remoting'
  1. JBoss Remoting
  2. JBREM-1306

Remoting tries to create SSLSocketFactory even when not desired

    Details

    • Type: Bug
    • Status: Resolved (View Workflow)
    • Priority: Minor
    • Resolution: Done
    • Affects Version/s: 2.2.4, 2.5.4.SP3
    • Fix Version/s: 2.2.4.SP1, 2.5.4.SP4
    • Component/s: None
    • Labels:
      None
    • Steps to Reproduce:
      Hide

      Add the code in the description before a web service invocation.

      Show
      Add the code in the description before a web service invocation.
    • Workaround Description:
      Hide

      Install a Log4J filter that denies the confusing ERROR log message. Remoting still tries to create its own SSLSocketFactory, but it will harmlessly fail silently.

      Show
      Install a Log4J filter that denies the confusing ERROR log message. Remoting still tries to create its own SSLSocketFactory , but it will harmlessly fail silently.

      Description

      Running the following code is an alternative way to set the keystore/truststore in a remoting client:

       KeyStore ksTrust = KeyStore.getInstance("JKS");
          ksTrust.load(new FileInputStream("testTrust"), passphrase);
      
          TrustManagerFactory tmf =
              TrustManagerFactory.getInstance("SunX509");
          tmf.init(ksTrust);
      
          SSLContext sslContext = SSLContext.getInstance("TLS");
          sslContext.init(null, tmf.getTrustManagers(), null);
      
          HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
      

      When this code is added, Remoting should not try to create its own SSLSocketFactory. Currently there is no way to tell Remoting to not try. This causes a confusing ERROR message:

      Error creating SSL Socket Factory for client invoker: Error initializing socket factory SSL context: Can not find truststore url.
      

      After this message is logged, the client still works because it falls back to the default SSLSocketFactory (that was already set).

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  ron_sigal Ronald Sigal
                  Reporter:
                  klape Kyle Lape
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  1 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: