Open c-koell opened 1 year ago
We have migrated from webProfile-8.1 to webProfile-9.0 and now we are facing some problems with the HttpClient.
I have also created https://github.com/OpenLiberty/open-liberty/issues/23975. It's clear now that with transportSecurity-1.0 the behaviour of SSLContext.getDefault() has changed as described... The SSLContext process default is the SSLContext Java Secure Socket Extension (JSSE) default that uses the cacerts file for the key and trust See also https://www.ibm.com/docs/en/was-liberty/base?topic=liberty-ssl-defaults-in
The SSLContext process default is the SSLContext Java Secure Socket Extension (JSSE) default that uses the cacerts file for the key and trust
We have used following code HttpClient.newBuilder().sslContext(SSLContext.getDefault()) This works fine with webProfile-8.1 which uses ssl-1.0 feature. SSLContext.getDefault() has pointed to the Liberty SSLSettings defined in the server.xml
HttpClient.newBuilder().sslContext(SSLContext.getDefault())
<keyStore id="defaultKeyStore" location="${server.output.dir}/mqClient.p12" password="xxxx" /> <ssl id="defaultSSLConfig" keyStoreRef="defaultKeyStore" trustStoreRef="defaultKeyStore" trustDefaultCerts="true"/>
Now with transportSecurity-1.0 feature we get a SSLContext that points to the cacerts file.
Is the a way to obtain a SSLContext with the Liberty SSL Settings ?
Thanks for any help..
Maybe someone could give some feedback here ?
We have migrated from webProfile-8.1 to webProfile-9.0 and now we are facing some problems with the HttpClient.
I have also created https://github.com/OpenLiberty/open-liberty/issues/23975. It's clear now that with transportSecurity-1.0 the behaviour of SSLContext.getDefault() has changed as described...
The SSLContext process default is the SSLContext Java Secure Socket Extension (JSSE) default that uses the cacerts file for the key and trust
See also https://www.ibm.com/docs/en/was-liberty/base?topic=liberty-ssl-defaults-inWe have used following code
HttpClient.newBuilder().sslContext(SSLContext.getDefault())
This works fine with webProfile-8.1 which uses ssl-1.0 feature. SSLContext.getDefault() has pointed to the Liberty SSLSettings defined in the server.xmlNow with transportSecurity-1.0 feature we get a SSLContext that points to the cacerts file.
Is the a way to obtain a SSLContext with the Liberty SSL Settings ?
Thanks for any help..