Merge pull request #2641 from eclipse/jetty-9.4.x-901-load_truststore

Issue #901 - Overriding SSL context KeyStoreType requires explicit override of TrustStoreType.
2018-06-19 09:01:17 +02:00 · 2018-06-19 09:01:17 +02:00 · 92ba1375be
parent 5e1db95282 5165b082b5
commit 92ba1375be
1 changed files with 7 additions and 3 deletions
--- a/jetty-util/src/main/java/org/eclipse/jetty/util/ssl/SslContextFactory.java
+++ b/jetty-util/src/main/java/org/eclipse/jetty/util/ssl/SslContextFactory.java
@ -1082,10 +1082,14 @@ public class SslContextFactory extends AbstractLifeCycle implements Dumpable
    {
        String type = Objects.toString(getTrustStoreType(), getKeyStoreType());
        String provider = Objects.toString(getTrustStoreProvider(), getKeyStoreProvider());
-        String passwd = Objects.toString(_trustStorePassword, Objects.toString(_keyStorePassword, null));
-        if (resource == null)
+        Password passwd = _trustStorePassword;
+        if (resource == null || resource.equals(_keyStoreResource))
+        {
            resource = _keyStoreResource;
-        return CertificateUtils.getKeyStore(resource, type, provider, passwd);
+            if (passwd == null)
+                passwd = _keyStorePassword;
+        }
+        return CertificateUtils.getKeyStore(resource, type, provider, Objects.toString(passwd, null));
    }

    /**