Context
-----------

Exact tomcat version, Operating Systems, other configurations-

Current Tomcat version - 8.5.15
Operating Systems - Windows/ Linux
Upgrading to tomcat version - 8.5.23
Application - Java Application.

I have an application with tomcat, say fooapp. I also have a custom
keystore type, say DKS (Java by default has the JKS keystore). During start
of my application, it loads the DKS keystore to get the certificate for the
application. This is done using the following changes in server.xml

<Connector SSLEnabled="true"
           sslImplementationName="com.vmware.identity.tomcat.GKSAwareImpl"
           store="CERT_STORE"
           port="${bio-ssl-localhost.https.port}"
           protocol="com.vmware.identity.tomcat.GKSAwareHttp11NioProtocol"
           redirectPort="${bio-ssl-localhost.https.port}"
           scheme="https"
           secure="true"
           maxHttpHeaderSize="16384">
    <Certificate certificateKeystoreType="GKS"


Problem
-----------

The new version of Tomcat has changed code that is preventing my application
from loading the GKS keystore.

In Tomcat 8.5.15,
getKeyManagers() method - if ks is not null, it simply proceeds further,
doing the ks.isKeyEntry() etc.

In Tomcat 8.5.23,
getKeyManagers() method - ks is initialized as before and a new
reference is created -
KeyStore ks = certificate.getCertificateKeystore();
KeyStore ksUsed = ks;

After the code below, ksUsed goes back to JKS and fails to load
my custom keystore type "GKS".

// Switch to in-memory key store
String provider = certificate.getCertificateKeystoreProvider();
if (provider == null) {
    ksUsed = KeyStore.getInstance(certificate.getCertificateKeystoreType());
} else {
    ksUsed = KeyStore.getInstance(certificate.getCertificateKeystoreType(), provider);
}
ksUsed.load(null, null); // --> throws unimplemented method

I am setting the provider type properly in java.security which is also used
while loading the application.

Has anybody faced a similar problem?

Thanks,
Emil
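
The in-memory step quoted in the message can be reproduced outside Tomcat. The following is an added example, not part of the original post and not Tomcat's or the poster's code; the class names, the provider name DemoProvider and the keystore types DEMO-OK and DEMO-NOLOAD are constructed stand-ins. It shows that KeyStore.load(null, null) reaches the SPI's engineLoad with a null stream, so a custom keystore type passes that step only if its engineLoad accepts null.

```java
import java.io.*;
import java.security.*;
import java.security.cert.Certificate;
import java.util.*;
public class InMemoryKeyStoreCheck {
    // Constructed stand-in SPI (hypothetical, not the poster's GKS code): accepts a null stream.
    public static class EmptyOkSpi extends KeyStoreSpi {
        final Map<String, Certificate> certs = new HashMap<>();
        public void engineLoad(InputStream in, char[] pw) throws IOException {
            if (in != null) throw new IOException("stream format not supported in this demo");
            certs.clear(); // load(null, null) must leave an empty, initialized store
        }
        public Key engineGetKey(String a, char[] p) { return null; }
        public Certificate[] engineGetCertificateChain(String a) { return null; }
        public Certificate engineGetCertificate(String a) { return certs.get(a); }
        public Date engineGetCreationDate(String a) { return null; }
        public void engineSetKeyEntry(String a, Key k, char[] p, Certificate[] c) { }
        public void engineSetKeyEntry(String a, byte[] k, Certificate[] c) { }
        public void engineSetCertificateEntry(String a, Certificate c) { certs.put(a, c); }
        public void engineDeleteEntry(String a) { certs.remove(a); }
        public Enumeration<String> engineAliases() { return Collections.enumeration(certs.keySet()); }
        public boolean engineContainsAlias(String a) { return certs.containsKey(a); }
        public int engineSize() { return certs.size(); }
        public boolean engineIsKeyEntry(String a) { return false; }
        public boolean engineIsCertificateEntry(String a) { return certs.containsKey(a); }
        public String engineGetCertificateAlias(Certificate c) { return null; }
        public void engineStore(OutputStream o, char[] p) { }
    }
    // Constructed failing variant: engineLoad rejects every call, including load(null, null).
    public static class NoLoadSpi extends EmptyOkSpi {
        public void engineLoad(InputStream in, char[] pw) { throw new UnsupportedOperationException("engineLoad not implemented"); }
    }
    // Repeats the two calls quoted in the post and reports whether the type supports them.
    static String check(String type) {
        try {
            KeyStore ks = KeyStore.getInstance(type);
            ks.load(null, null);
            return type + ": OK, empty store, size " + ks.size();
        } catch (Exception e) { return type + ": FAILED, " + e; }
    }
    public static void main(String[] args) {
        // The double-version constructor works on Java 8 and is deprecated on Java 9+.
        Provider demo = new Provider("DemoProvider", 1.0, "constructed demo provider") { };
        demo.put("KeyStore.DEMO-OK", EmptyOkSpi.class.getName());
        demo.put("KeyStore.DEMO-NOLOAD", NoLoadSpi.class.getName());
        Security.addProvider(demo);
        for (String t : new String[] {"DEMO-OK", "DEMO-NOLOAD"}) System.out.println(check(t));
    }
}
```

Calling check with the name of a real custom keystore type, once its provider is registered, runs the same two calls against that type.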
