OF-30: Separate loading of keystore and truststore

git-svn-id: http://svn.igniterealtime.org/svn/repos/openfire/trunk@11587 b35dd754-fafc-0310-a699-88a17e54d16e

OF-30: Separate loading of keystore and truststore
git-svn-id: http://svn.igniterealtime.org/svn/repos/openfire/trunk@11587 b35dd754-fafc-0310-a699-88a17e54d16e
b075c2f6 · Günther Niess · niess · 5fc2a009 · b075c2f6
Commit b075c2f6 authored Feb 01, 2010 by Günther Niess Committed by niess Feb 01, 2010
Hide whitespace changes
Inline Side-by-side

Showing with 19 additions and 18 deletions

SSLConfig.java src/java/org/jivesoftware/openfire/net/SSLConfig.java +19 -18

No files found.
--- a/src/java/org/jivesoftware/openfire/net/SSLConfig.java
+++ b/src/java/org/jivesoftware/openfire/net/SSLConfig.java
@@ -102,24 +102,29 @@ public class SSLConfig {
        s2sTrustpass = JiveGlobals.getProperty("xmpp.socket.ssl.trustpass", "changeit");
        s2sTrustpass = s2sTrustpass.trim();
-	    // Load s2s keystore and trusstore
+        // Load s2s keystore
        try {
            keyStore = KeyStore.getInstance(storeType);
            keyStore.load(new FileInputStream(keyStoreLocation), keypass.toCharArray());
+        }
+        catch (Exception e) {
+            Log.error("SSLConfig startup problem.\n" +
+                    "  storeType: [" + storeType + "]\n" +
+                    "  keyStoreLocation: [" + keyStoreLocation + "]\n" +
+                    "  keypass: [" + keypass + "]\n", e);
+            keyStore = null;
+            s2sFactory = null;
+        }
+        // Load s2s trusstore
+        try {
            s2sTrustStore = KeyStore.getInstance(storeType);
            s2sTrustStore.load(new FileInputStream(s2sTrustStoreLocation), s2sTrustpass.toCharArray());
        }
        catch (Exception e) {
            Log.error("SSLConfig startup problem.\n" +
                    "  storeType: [" + storeType + "]\n" +
-                    "  keyStoreLocation: [" + keyStoreLocation + "]\n" +
-                    "  keypass: [" + keypass + "]\n" +
                    "  s2sTrustStoreLocation: [" + s2sTrustStoreLocation + "]\n" +
                    "  s2sTrustpass: [" + s2sTrustpass + "]\n", e); 
-            keyStore = null;
            s2sTrustStore = null;
            s2sFactory = null;
        }
@@ -314,12 +319,6 @@ public class SSLConfig {
        try {
            keyStore = KeyStore.getInstance(storeType);
            keyStore.load(null, keypass.toCharArray());
-            // Also generate the trustStore if necessary
-            if (s2sTrustStore == null) {
-                s2sTrustStore = KeyStore.getInstance(storeType);
-                s2sTrustStore.load(null, s2sTrustpass.toCharArray());
-            }
        }
        catch (Exception e) {
            Log.error("Unable to initialize keystore: ", e);
@@ -337,12 +336,14 @@ public class SSLConfig {
                keyStoreDirectory.mkdirs();
            keyStore.store(new FileOutputStream(keyStoreLocation), keypass.toCharArray());
-            File s2sTrustStoreDirectory = new File(s2sTrustStoreLocation).getParentFile();
+            if (s2sTrustStore != null) {
-            if (!s2sTrustStoreDirectory.exists())
+                File s2sTrustStoreDirectory = new File(s2sTrustStoreLocation).getParentFile();
-                s2sTrustStoreDirectory.mkdirs();
+                if (!s2sTrustStoreDirectory.exists())
-            s2sTrustStore.store(new FileOutputStream(s2sTrustStoreLocation), s2sTrustpass.toCharArray());
+                    s2sTrustStoreDirectory.mkdirs();
+                s2sTrustStore.store(new FileOutputStream(s2sTrustStoreLocation), s2sTrustpass.toCharArray());
+            }
-            if (c2sTrustStore != s2sTrustStore) {
+            if (c2sTrustStore != null && c2sTrustStore != s2sTrustStore) {
                File c2sTrustStoreDirectory = new File(c2sTrustStoreLocation).getParentFile();
                if (!c2sTrustStoreDirectory.exists())
                    c2sTrustStoreDirectory.mkdirs();