From f2f9b5c2d40ac26827262fe2ed177f32011ce89a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20Pachucki?= Date: Sun, 8 Jan 2023 21:26:06 +0100 Subject: [PATCH] Allow empty keystore in SSLContextFactory. Fixes #1183 --- .../configuration/SSLContextFactory.java | 24 ++++++++++--------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/spring-cloud-commons/src/main/java/org/springframework/cloud/configuration/SSLContextFactory.java b/spring-cloud-commons/src/main/java/org/springframework/cloud/configuration/SSLContextFactory.java index 74cc5d8e6..1163c191f 100644 --- a/spring-cloud-commons/src/main/java/org/springframework/cloud/configuration/SSLContextFactory.java +++ b/spring-cloud-commons/src/main/java/org/springframework/cloud/configuration/SSLContextFactory.java @@ -42,17 +42,19 @@ public SSLContext createSSLContext() throws GeneralSecurityException, IOExceptio char[] keyPassword = properties.keyPassword(); KeyStore keyStore = createKeyStore(); - try { - builder.loadKeyMaterial(keyStore, keyPassword); - } - catch (UnrecoverableKeyException e) { - if (keyPassword.length == 0) { - // Retry if empty password, see - // https://rt.openssl.org/Ticket/Display.html?id=1497&user=guest&pass=guest - builder.loadKeyMaterial(keyStore, new char[] { '\0' }); + if (keyStore != null) { + try { + builder.loadKeyMaterial(keyStore, keyPassword); } - else { - throw e; + catch (UnrecoverableKeyException e) { + if (keyPassword.length == 0) { + // Retry if empty password, see + // https://rt.openssl.org/Ticket/Display.html?id=1497&user=guest&pass=guest + builder.loadKeyMaterial(keyStore, new char[] { '\0' }); + } + else { + throw e; + } } } @@ -66,7 +68,7 @@ public SSLContext createSSLContext() throws GeneralSecurityException, IOExceptio public KeyStore createKeyStore() throws GeneralSecurityException, IOException { if (properties.getKeyStore() == null) { - throw new KeyStoreException("Keystore not specified."); + return null; } if (!properties.getKeyStore().exists()) { throw new KeyStoreException("Keystore not exists: " + properties.getKeyStore());