From 220bb521533704d0be8d7fcdebfab31e26c6900a Mon Sep 17 00:00:00 2001
From: Alvaro Vega
Date: Thu, 27 Jun 2024 11:05:45 +0200
Subject: [PATCH] log x509 cert
---
 .../cygnus/backends/mongo/MongoBackendImpl.java | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)
diff --git a/cygnus-common/src/main/java/com/telefonica/iot/cygnus/backends/mongo/MongoBackendImpl.java b/cygnus-common/src/main/java/com/telefonica/iot/cygnus/backends/mongo/MongoBackendImpl.java
index ec345dce9..673e5efa9 100644
--- a/cygnus-common/src/main/java/com/telefonica/iot/cygnus/backends/mongo/MongoBackendImpl.java
+++ b/cygnus-common/src/main/java/com/telefonica/iot/cygnus/backends/mongo/MongoBackendImpl.java
@@ -611,23 +611,22 @@ private MongoDatabase getDatabase(String dbName) {
 try {
 KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
 if ((sslKeystorePathFile != null) && !sslKeystorePathFile.isEmpty()) {
- try (InputStream keyStoreStream = new FileInputStream(sslKeystorePathFile)) {
+ InputStream keyStoreStream = new FileInputStream(sslKeystorePathFile);
 keyStore.load(keyStoreStream, sslKeystorePassword.toCharArray());
- }
 } else {
 keyStore.load(null);
 }
 if ((sslCAPathFile != null) && !sslCAPathFile.isEmpty()) {
- try (InputStream trustStoreStream = new FileInputStream(sslCAPathFile)) {
- CertificateFactory cf = CertificateFactory.getInstance("X.509");
- X509Certificate caCert = (X509Certificate) cf.generateCertificate(trustStoreStream);
- keyStore.setCertificateEntry("caCert", caCert);
- }
+ InputStream caStream = new FileInputStream(sslCAPathFile);
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+ X509Certificate caCert = (X509Certificate) cf.generateCertificate(caStream);
+ LOGGER.debug("CA subjectDN: " + caCert.getSubjectDN());
+ keyStore.setCertificateEntry("caCert", caCert);
 }
 TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
 trustManagerFactory.init(keyStore);
 sslContext = SSLContext.getInstance("TLS");
- sslContext.init(null, trustManagerFactory.getTrustManagers(), new java.security.SecureRandom());
+ sslContext.init(null, trustManagerFactory.getTrustManagers(), null);
 } catch (Exception e) {
 LOGGER.warn("Error when init SSL Context: " + e.getMessage());
 }
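Review bot: Both `FileInputStream`s in the new code are never closed, because the commit drops the two try-with-resources blocks that previously scoped `keyStoreStream` and the CA stream. If `getDatabase` runs more than once per process (its body starts and ends outside this hunk, so that is inferred from the name), each call leaks two file descriptors, and an exception from `keyStore.load` or `generateCertificate` leaves the stream open as well. The debug line can be kept inside the original structure: `try (InputStream keyStoreStream = new FileInputStream(sslKeystorePathFile)) {` and `try (InputStream caStream = new FileInputStream(sslCAPathFile)) {`, with the added `LOGGER.debug` call placed inside the second block. On that log line, `getSubjectDN()` is deprecated in current JDKs; `caCert.getSubjectX500Principal()` gives the same subject in a well-defined form.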