Ingo Karkat created ARTEMIS-3081: ------------------------------------ Summary: Cannot override the default Java key/truststore properties Key: ARTEMIS-3081 URL: https://issues.apache.org/jira/browse/ARTEMIS-3081 Project: ActiveMQ Artemis Issue Type: Bug Affects Versions: 2.15.0, 2.17.0 Environment: In our case the application uses the default Java truststore location at {{$JAVA_HOME/lib/security/jssecacerts}}, and only supplies its password in {{javax.net.ssl.trustStorePassword}}, and then uses a dedicated truststore for Artemis. Defining both {{org.apache.activemq.ssl.trustStore}} and {{org.apache.activemq.ssl.trustStorePassword}} now makes Artemis use the dedicated truststore ({{javax.net.ssl.trustStore}} is not set as we use the default location, so the second choice {{org.apache.activemq.ssl.trustStore}} applies), but with the Java default truststore password (first choice {{javax.net.ssl.trustStorePassword}} applies instead of the second choice because it is set for the default truststore). Obviously, this does not work unless both passwords are identical! Reporter: Ingo Karkat
If an application wants to use a special key/truststore for Artemis but have the remainder of the application use the default Java store, the {code:java} org.apache.activemq.ssl.keyStore{code} needs to take precedence over Java's {code:java} javax.net.ssl.keyStore{code} However, the current implementation takes the first non-null value from {code:java} System.getProperty(JAVAX_KEYSTORE_PATH_PROP_NAME) System.getProperty(ACTIVEMQ_KEYSTORE_PATH_PROP_NAME) keyStorePath{code} So if the default Java property is set, no override is possible. -- This message was sent by Atlassian Jira (v8.3.4#803005)