pzampino commented on code in PR #992:
URL: https://github.com/apache/knox/pull/992#discussion_r1961766505
##########
gateway-spi/src/main/java/org/apache/knox/gateway/util/TruststoreSSLContextUtils.java:
##########
@@ -48,4 +52,25 @@ public static SSLContext getTruststoreSSLContext(KeyStore
truststore) {
return sslContext;
}
+ public static X509TrustManager getTrustManager(KeyStore truststore) {
+ try {
+ if (truststore != null) {
+ TrustManagerFactory trustManagerFactory =
TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+ trustManagerFactory.init(truststore);
+ TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
+ if (trustManagers != null) {
+ for (TrustManager tm : trustManagers) {
+ if (tm instanceof X509TrustManager) {
+ return (X509TrustManager) tm;
+ }
+ }
+ }
+ throw new IllegalStateException("Unexpected default trust managers:" +
Arrays.toString(trustManagers));
Review Comment:
What is the consequence of throwing this exception? The
DiscoveryApiClient#configureSsl() method does not catch it, so it will bubble
up. Do you know where it will eventually be handled and how?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
