[
https://issues.apache.org/jira/browse/CXF-6944?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh resolved CXF-6944.
--------------------------------------
Resolution: Not A Problem
> cacerts is loaded while different truststore is specified
> ---------------------------------------------------------
>
> Key: CXF-6944
> URL: https://issues.apache.org/jira/browse/CXF-6944
> Project: CXF
> Issue Type: Improvement
> Components: Transports
> Affects Versions: 2.7.18
> Reporter: David Tarr
> Priority: Minor
>
> It seems cxf still loads the cacerts eventhough a different truststore is
> specified (programmatically - not via cxf.xml). Could this potentially load
> to a security-risk?
> When I movethe trusted key from the different truststore to cacerts, the
> server is not trusted and the handshake fails. But I have not investigated
> any further.
> {noformat}
> 2016-06-17 13:45:21,213 INFO [main] spring.BusApplicationContext - Loaded
> configuration file cxf.xml.
> 2016-06-17 13:45:21,213 INFO [main]
> spring.ControlledValidationXmlBeanDefinitionReader - Loading XML bean
> definitions from class path resource [META-INF/cxf/cxf.xml]
> 2016-06-17 13:45:21,322 INFO [main]
> spring.ControlledValidationXmlBeanDefinitionReader - Loading XML bean
> definitions from class path resource [cxf.xml]
> 2016-06-17 13:45:21,793 INFO [main] factory.ReflectionServiceFactoryBean -
> Creating Service {http://www........com/.........}.... from class
> .............
> keyStore is :
> keyStore type is : jks
> keyStore provider is :
> init keystore
> init keymanager of type SunX509
> trustStore is: C:\Java\jdk1.7.0_79\jre\lib\security\cacerts
> trustStore type is : jks
> trustStore provider is :
> init truststore
> ...
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
