...
Using existing ssl.provider config
We could think of writing a custom java.security.Provider implementation to load the required KeyStore and TrustStore in a custom way. However, it would not be the correct way to use the java.security.Provider as per its responsibilities documented in java docs.This was not the correct way.did experiment using ssl.provider config and we wrote a sample provider like below. However it didn't work for us since our provider does not have implementation for SSLContext.TLS/TLSv1.1/TLSv1.2 etc.
We must not have to add implementation for SSL context classes in our provider since we only intend to customize the TrustStoreManager in below example.
Code Block | ||||||
---|---|---|---|---|---|---|
| ||||||
package providertest;
import java.security.Provider;
public class MyProvider extends Provider {
private static final String name = "MyProvider";
private static double version = 1.0d;
private static String info = "Maulin's SSL Provider v"+version;
public MyProvider() {
super(name, version, info);
this.put("TrustManagerFactory.PKIX", "providertest.MyTrustManagerFactory");
}
} |
Provide a way to delegate SSLContext creation
...