qpid-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From oru...@apache.org
Subject [qpid-broker-j] 02/03: QPID-8281: [Broker-J][Tests] Explicitly specify type of keystores and truststores in tests
Date Wed, 06 Mar 2019 16:15:31 GMT
This is an automated email from the ASF dual-hosted git repository.

orudyy pushed a commit to branch 7.0.x
in repository https://gitbox.apache.org/repos/asf/qpid-broker-j.git

commit 96f57f6765df2d6ef1bf361c088195041dba1f05
Author: Alex Rudyy <orudyy@apache.org>
AuthorDate: Wed Mar 6 16:13:31 2019 +0000

    QPID-8281: [Broker-J][Tests] Explicitly specify type of keystores and truststores in tests
---
 .../berkeleydb/BDBVirtualHostImplTest.java         |  2 +-
 .../apache/qpid/server/model/BrokerTestHelper.java |  4 ++
 .../qpid/server/security/FileKeyStoreTest.java     | 16 ++++-
 .../qpid/server/security/FileTrustStoreTest.java   | 24 +++++--
 .../qpid/server/security/NonJavaKeyStoreTest.java  |  5 +-
 .../server/security/NonJavaTrustStoreTest.java     |  3 +-
 .../security/SiteSpecificTrustStoreTest.java       |  3 +-
 .../manager/oauth2/OAuth2MockEndpointHolder.java   | 17 ++++-
 .../apache/qpid/server/ssl/TrustManagerTest.java   |  2 +-
 .../server/transport/TCPandSSLTransportTest.java   |  8 +++
 .../virtualhost/jdbc/JDBCVirtualHostTest.java      |  3 +-
 .../org/apache/qpid/test/utils/QpidTestCase.java   | 31 +++++++++
 .../apache/qpid/test/utils/TestSSLConstants.java   |  2 +
 systests/etc/config-systests.json                  |  6 +-
 .../apache/qpid/systest/rest/RestTestHelper.java   | 74 ++++++++++++++--------
 .../java/org/apache/qpid/client/ssl/SSLTest.java   |  9 ++-
 .../auth/manager/ExternalAuthenticationTest.java   |  7 +-
 .../management/amqp/AmqpManagementTest.java        |  3 +
 .../messageencryption/MessageEncryptionTest.java   | 17 +++++
 .../apache/qpid/systest/rest/KeyStoreRestTest.java |  3 +-
 .../qpid/systest/rest/TrustStoreRestTest.java      | 11 ++--
 .../qpid/systest/rest/acl/BrokerACLTest.java       |  2 +
 22 files changed, 201 insertions(+), 51 deletions(-)

diff --git a/bdbstore/src/test/java/org/apache/qpid/server/virtualhost/berkeleydb/BDBVirtualHostImplTest.java b/bdbstore/src/test/java/org/apache/qpid/server/virtualhost/berkeleydb/BDBVirtualHostImplTest.java
index 36227c8..76d2b99 100644
--- a/bdbstore/src/test/java/org/apache/qpid/server/virtualhost/berkeleydb/BDBVirtualHostImplTest.java
+++ b/bdbstore/src/test/java/org/apache/qpid/server/virtualhost/berkeleydb/BDBVirtualHostImplTest.java
@@ -58,7 +58,7 @@ public class BDBVirtualHostImplTest extends QpidTestCase
 
         _storePath = TestFileUtils.createTestDirectory();
 
-        _node = mock(VirtualHostNode.class);
+        _node = BrokerTestHelper.mockWithSystemPrincipal(VirtualHostNode.class);
         when(_node.getParent()).thenReturn(broker);
         when(_node.getModel()).thenReturn(BrokerModel.getInstance());
         when(_node.getTaskExecutor()).thenReturn(taskExecutor);
diff --git a/broker-core/src/test/java/org/apache/qpid/server/model/BrokerTestHelper.java b/broker-core/src/test/java/org/apache/qpid/server/model/BrokerTestHelper.java
index f1958ff..9573bdb 100644
--- a/broker-core/src/test/java/org/apache/qpid/server/model/BrokerTestHelper.java
+++ b/broker-core/src/test/java/org/apache/qpid/server/model/BrokerTestHelper.java
@@ -299,6 +299,10 @@ public class BrokerTestHelper
     public interface TestableSystemPrincipalSource extends SystemPrincipalSource {}
     public interface TestableAccessControlSource extends AccessControlSource {}
 
+    public static <X extends ConfiguredObject> X mockWithSystemPrincipal(Class<X> clazzl)
+    {
+        return mockWithSystemPrincipal(clazzl, SYSTEM_PRINCIPAL);
+    }
     public static <X extends ConfiguredObject> X mockWithSystemPrincipal(Class<X> clazz, Principal principal)
     {
         synchronized (SYSTEM_PRINCIPAL_SOURCE_MOCKS)
diff --git a/broker-core/src/test/java/org/apache/qpid/server/security/FileKeyStoreTest.java b/broker-core/src/test/java/org/apache/qpid/server/security/FileKeyStoreTest.java
index 28f49d1..348ebd6 100644
--- a/broker-core/src/test/java/org/apache/qpid/server/security/FileKeyStoreTest.java
+++ b/broker-core/src/test/java/org/apache/qpid/server/security/FileKeyStoreTest.java
@@ -21,6 +21,7 @@ package org.apache.qpid.server.security;
 
 
 import static org.apache.qpid.server.security.FileTrustStoreTest.createDataUrlForFile;
+import static org.apache.qpid.test.utils.TestSSLConstants.JAVA_KEYSTORE_TYPE;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.when;
 
@@ -81,6 +82,7 @@ public class FileKeyStoreTest extends QpidTestCase
         attributes.put(FileKeyStore.NAME, "myFileKeyStore");
         attributes.put(FileKeyStore.STORE_URL, BROKER_KEYSTORE_PATH);
         attributes.put(FileKeyStore.PASSWORD, BROKER_KEYSTORE_PASSWORD);
+        attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
 
         FileKeyStoreImpl fileKeyStore = (FileKeyStoreImpl) _factory.create(KeyStore.class, attributes,  _broker);
 
@@ -97,6 +99,7 @@ public class FileKeyStoreTest extends QpidTestCase
         attributes.put(FileKeyStore.STORE_URL, BROKER_KEYSTORE_PATH);
         attributes.put(FileKeyStore.PASSWORD, BROKER_KEYSTORE_PASSWORD);
         attributes.put(FileKeyStore.CERTIFICATE_ALIAS, BROKER_KEYSTORE_ALIAS);
+        attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
 
         FileKeyStoreImpl fileKeyStore = (FileKeyStoreImpl) _factory.create(KeyStore.class, attributes,  _broker);
 
@@ -112,6 +115,7 @@ public class FileKeyStoreTest extends QpidTestCase
         attributes.put(FileKeyStore.NAME, "myFileKeyStore");
         attributes.put(FileKeyStore.STORE_URL, BROKER_KEYSTORE_PATH);
         attributes.put(FileKeyStore.PASSWORD, "wrong");
+        attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
 
         try
         {
@@ -132,6 +136,7 @@ public class FileKeyStoreTest extends QpidTestCase
         attributes.put(FileKeyStore.STORE_URL, CLIENT_KEYSTORE_PATH);
         attributes.put(FileKeyStore.PASSWORD, CLIENT_KEYSTORE_PASSWORD);
         attributes.put(FileKeyStore.CERTIFICATE_ALIAS, "notknown");
+        attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
 
         try
         {
@@ -141,7 +146,8 @@ public class FileKeyStoreTest extends QpidTestCase
         catch (IllegalConfigurationException ice)
         {
             String message = ice.getMessage();
-            assertTrue("Exception text not as unexpected:" + message, message.contains("Cannot find a certificate with alias 'notknown' in key store"));
+            assertTrue("Exception text not as unexpected:" + message,
+                              message.contains("Cannot find a certificate with alias 'notknown' in key store"));
         }
     }
 
@@ -153,6 +159,7 @@ public class FileKeyStoreTest extends QpidTestCase
         attributes.put(FileKeyStore.NAME, "myFileKeyStore");
         attributes.put(FileKeyStore.STORE_URL, trustStoreAsDataUrl);
         attributes.put(FileKeyStore.PASSWORD, BROKER_KEYSTORE_PASSWORD);
+        attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
 
         FileKeyStoreImpl fileKeyStore = (FileKeyStoreImpl) _factory.create(KeyStore.class, attributes,  _broker);
 
@@ -171,6 +178,7 @@ public class FileKeyStoreTest extends QpidTestCase
         attributes.put(FileKeyStore.STORE_URL, trustStoreAsDataUrl);
         attributes.put(FileKeyStore.PASSWORD, BROKER_KEYSTORE_PASSWORD);
         attributes.put(FileKeyStore.CERTIFICATE_ALIAS, BROKER_KEYSTORE_ALIAS);
+        attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
 
         FileKeyStoreImpl fileKeyStore = (FileKeyStoreImpl) _factory.create(KeyStore.class, attributes,  _broker);
 
@@ -188,6 +196,7 @@ public class FileKeyStoreTest extends QpidTestCase
         attributes.put(FileKeyStore.NAME, "myFileKeyStore");
         attributes.put(FileKeyStore.PASSWORD, "wrong");
         attributes.put(FileKeyStore.STORE_URL, keyStoreAsDataUrl);
+        attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
 
         try
         {
@@ -232,6 +241,7 @@ public class FileKeyStoreTest extends QpidTestCase
         attributes.put(FileKeyStore.PASSWORD, BROKER_KEYSTORE_PASSWORD);
         attributes.put(FileKeyStore.STORE_URL, keyStoreAsDataUrl);
         attributes.put(FileKeyStore.CERTIFICATE_ALIAS, "notknown");
+        attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
 
         try
         {
@@ -251,6 +261,7 @@ public class FileKeyStoreTest extends QpidTestCase
         attributes.put(FileKeyStore.NAME, "myFileKeyStore");
         attributes.put(FileKeyStore.STORE_URL, BROKER_KEYSTORE_PATH);
         attributes.put(FileKeyStore.PASSWORD, BROKER_KEYSTORE_PASSWORD);
+        attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
 
         FileKeyStoreImpl fileKeyStore = (FileKeyStoreImpl) _factory.create(KeyStore.class, attributes,  _broker);
 
@@ -289,7 +300,7 @@ public class FileKeyStoreTest extends QpidTestCase
         attributes.put(FileKeyStore.NAME, "myFileKeyStore");
         attributes.put(FileKeyStore.PASSWORD, BROKER_KEYSTORE_PASSWORD);
         attributes.put(FileKeyStore.STORE_URL, BROKER_KEYSTORE_PATH);
-        attributes.put(FileKeyStore.KEY_STORE_TYPE, "PKCS12");
+        attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
 
         FileKeyStoreImpl fileKeyStore = (FileKeyStoreImpl) _factory.create(KeyStore.class, attributes,  _broker);
 
@@ -302,6 +313,7 @@ public class FileKeyStoreTest extends QpidTestCase
         attributes.put(FileKeyStore.NAME, "myFileKeyStore");
         attributes.put(FileKeyStore.STORE_URL, BROKER_KEYSTORE_PATH);
         attributes.put(FileKeyStore.PASSWORD, BROKER_KEYSTORE_PASSWORD);
+        attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
 
         FileKeyStoreImpl fileKeyStore = (FileKeyStoreImpl) _factory.create(KeyStore.class, attributes,  _broker);
 
diff --git a/broker-core/src/test/java/org/apache/qpid/server/security/FileTrustStoreTest.java b/broker-core/src/test/java/org/apache/qpid/server/security/FileTrustStoreTest.java
index d0cc0a2..28af9e5 100644
--- a/broker-core/src/test/java/org/apache/qpid/server/security/FileTrustStoreTest.java
+++ b/broker-core/src/test/java/org/apache/qpid/server/security/FileTrustStoreTest.java
@@ -20,6 +20,7 @@
 package org.apache.qpid.server.security;
 
 
+import static org.apache.qpid.test.utils.TestSSLConstants.JAVA_KEYSTORE_TYPE;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.when;
 
@@ -97,6 +98,7 @@ public class FileTrustStoreTest extends QpidTestCase
         attributes.put(FileTrustStore.NAME, "myFileTrustStore");
         attributes.put(FileTrustStore.STORE_URL, TRUST_STORE_PATH);
         attributes.put(FileTrustStore.PASSWORD, TRUSTSTORE_PASSWORD);
+        attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
 
         TrustStore<?> fileTrustStore = _factory.create(TrustStore.class, attributes,  _broker);
 
@@ -112,6 +114,7 @@ public class FileTrustStoreTest extends QpidTestCase
         attributes.put(FileTrustStore.NAME, "myFileTrustStore");
         attributes.put(FileTrustStore.STORE_URL, TRUST_STORE_PATH);
         attributes.put(FileTrustStore.PASSWORD, "wrong");
+        attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
 
         try
         {
@@ -132,6 +135,7 @@ public class FileTrustStoreTest extends QpidTestCase
         attributes.put(FileTrustStore.STORE_URL, PEER_STORE_PATH);
         attributes.put(FileTrustStore.PASSWORD, PEER_STORE_PASSWORD);
         attributes.put(FileTrustStore.PEERS_ONLY, true);
+        attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
 
         TrustStore<?> fileTrustStore = _factory.create(TrustStore.class, attributes,  _broker);
 
@@ -144,10 +148,16 @@ public class FileTrustStoreTest extends QpidTestCase
 
     public void testUseOfExpiredTrustAnchorAllowed() throws Exception
     {
+        if (getJvmVendor() == JvmVendor.IBM)
+        {
+            //IBMJSSE2 trust factory (IbmX509) validates the entire chain, including trusted certificates.
+            return;
+        }
         Map<String,Object> attributes = new HashMap<>();
         attributes.put(FileTrustStore.NAME, "myFileTrustStore");
         attributes.put(FileTrustStore.STORE_URL, EXPIRED_TRUST_STORE_PATH);
         attributes.put(FileTrustStore.PASSWORD, BROKER_TRUST_STORE_PASSWORD);
+        attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
 
         TrustStore trustStore = _factory.create(TrustStore.class, attributes, _broker);
 
@@ -159,7 +169,7 @@ public class FileTrustStoreTest extends QpidTestCase
 
         KeyStore clientStore = SSLUtil.getInitializedKeyStore(EXPIRED_KEYSTORE_PATH,
                                                               KEYSTORE_PASSWORD,
-                                                              "pkcs12");
+                                                              JAVA_KEYSTORE_TYPE);
         String alias = clientStore.aliases().nextElement();
         X509Certificate certificate = (X509Certificate) clientStore.getCertificate(alias);
 
@@ -173,6 +183,7 @@ public class FileTrustStoreTest extends QpidTestCase
         attributes.put(FileTrustStore.STORE_URL, EXPIRED_TRUST_STORE_PATH);
         attributes.put(FileTrustStore.PASSWORD, BROKER_TRUST_STORE_PASSWORD);
         attributes.put(FileTrustStore.TRUST_ANCHOR_VALIDITY_ENFORCED, true);
+        attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
 
         TrustStore trustStore = _factory.create(TrustStore.class, attributes, _broker);
 
@@ -184,7 +195,7 @@ public class FileTrustStoreTest extends QpidTestCase
 
         KeyStore clientStore = SSLUtil.getInitializedKeyStore(EXPIRED_KEYSTORE_PATH,
                                                               KEYSTORE_PASSWORD,
-                                                              KeyStore.getDefaultType());
+                                                              JAVA_KEYSTORE_TYPE);
         String alias = clientStore.aliases().nextElement();
         X509Certificate certificate = (X509Certificate) clientStore.getCertificate(alias);
 
@@ -216,6 +227,7 @@ public class FileTrustStoreTest extends QpidTestCase
         attributes.put(FileTrustStore.NAME, "myFileTrustStore");
         attributes.put(FileTrustStore.STORE_URL, trustStoreAsDataUrl);
         attributes.put(FileTrustStore.PASSWORD, TRUSTSTORE_PASSWORD);
+        attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
 
         TrustStore<?> fileTrustStore = _factory.create(TrustStore.class, attributes,  _broker);
 
@@ -233,6 +245,7 @@ public class FileTrustStoreTest extends QpidTestCase
         attributes.put(FileTrustStore.NAME, "myFileTrustStore");
         attributes.put(FileTrustStore.PASSWORD, "wrong");
         attributes.put(FileTrustStore.STORE_URL, trustStoreAsDataUrl);
+        attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
 
         try
         {
@@ -254,6 +267,7 @@ public class FileTrustStoreTest extends QpidTestCase
         attributes.put(FileTrustStore.NAME, "myFileTrustStore");
         attributes.put(FileTrustStore.PASSWORD, TRUSTSTORE_PASSWORD);
         attributes.put(FileTrustStore.STORE_URL, trustStoreAsDataUrl);
+        attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
 
         try
         {
@@ -274,6 +288,7 @@ public class FileTrustStoreTest extends QpidTestCase
         attributes.put(FileTrustStore.NAME, "myFileTrustStore");
         attributes.put(FileTrustStore.STORE_URL, TRUST_STORE_PATH);
         attributes.put(FileTrustStore.PASSWORD, TRUSTSTORE_PASSWORD);
+        attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
 
         FileTrustStore<?> fileTrustStore = (FileTrustStore<?>) _factory.create(TrustStore.class, attributes,  _broker);
 
@@ -312,6 +327,7 @@ public class FileTrustStoreTest extends QpidTestCase
         attributes.put(FileTrustStore.NAME, "myFileTrustStore");
         attributes.put(FileTrustStore.STORE_URL, BROKER_TRUST_STORE_PATH);
         attributes.put(FileTrustStore.PASSWORD, KEYSTORE_PASSWORD);
+        attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
 
         TrustStore<?> fileTrustStore = _factory.create(TrustStore.class, attributes,  _broker);
 
@@ -324,7 +340,7 @@ public class FileTrustStoreTest extends QpidTestCase
         attributes.put(FileTrustStore.NAME, "myFileTrustStore");
         attributes.put(FileTrustStore.PASSWORD, TRUSTSTORE_PASSWORD);
         attributes.put(FileTrustStore.STORE_URL, TRUST_STORE_PATH);
-        attributes.put(FileTrustStore.TRUST_STORE_TYPE, "PKCS12");
+        attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
 
         TrustStore<?> fileTrustStore = _factory.create(TrustStore.class, attributes,  _broker);
 
@@ -351,7 +367,7 @@ public class FileTrustStoreTest extends QpidTestCase
         attributes.put(FileTrustStore.NAME, "myFileTrustStore");
         attributes.put(FileTrustStore.STORE_URL, TRUST_STORE_PATH);
         attributes.put(FileTrustStore.PASSWORD, TRUSTSTORE_PASSWORD);
-        attributes.put(FileTrustStore.TRUST_STORE_TYPE, "PKCS12");
+        attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
 
         TrustStore<?> fileTrustStore = _factory.create(TrustStore.class, attributes, _broker);
 
diff --git a/broker-core/src/test/java/org/apache/qpid/server/security/NonJavaKeyStoreTest.java b/broker-core/src/test/java/org/apache/qpid/server/security/NonJavaKeyStoreTest.java
index e4e14d1..df578c0 100644
--- a/broker-core/src/test/java/org/apache/qpid/server/security/NonJavaKeyStoreTest.java
+++ b/broker-core/src/test/java/org/apache/qpid/server/security/NonJavaKeyStoreTest.java
@@ -20,6 +20,7 @@
 package org.apache.qpid.server.security;
 
 
+import static org.apache.qpid.test.utils.TestSSLConstants.JAVA_KEYSTORE_TYPE;
 import static org.apache.qpid.test.utils.TestSSLConstants.KEYSTORE_PASSWORD;
 import static org.mockito.Matchers.any;
 import static org.mockito.Matchers.anyLong;
@@ -114,7 +115,7 @@ public class NonJavaKeyStoreTest extends QpidTestCase
 
     private File[] extractResourcesFromTestKeyStore(boolean pem, final String storeResource) throws Exception
     {
-        java.security.KeyStore ks = java.security.KeyStore.getInstance(java.security.KeyStore.getDefaultType());
+        java.security.KeyStore ks = java.security.KeyStore.getInstance(JAVA_KEYSTORE_TYPE);
         try(InputStream is = getClass().getResourceAsStream(storeResource))
         {
             ks.load(is, KEYSTORE_PASSWORD.toCharArray() );
@@ -275,7 +276,7 @@ public class NonJavaKeyStoreTest extends QpidTestCase
     {
         when(_broker.scheduleHouseKeepingTask(anyLong(), any(TimeUnit.class), any(Runnable.class))).thenReturn(mock(ScheduledFuture.class));
 
-        java.security.KeyStore ks = java.security.KeyStore.getInstance("pkcs12");
+        java.security.KeyStore ks = java.security.KeyStore.getInstance(JAVA_KEYSTORE_TYPE);
         final String storeLocation = KEYSTORE;
         try(InputStream is = getClass().getResourceAsStream(storeLocation))
         {
diff --git a/broker-core/src/test/java/org/apache/qpid/server/security/NonJavaTrustStoreTest.java b/broker-core/src/test/java/org/apache/qpid/server/security/NonJavaTrustStoreTest.java
index 3ab6f83..e7b3598 100644
--- a/broker-core/src/test/java/org/apache/qpid/server/security/NonJavaTrustStoreTest.java
+++ b/broker-core/src/test/java/org/apache/qpid/server/security/NonJavaTrustStoreTest.java
@@ -19,6 +19,7 @@
 
 package org.apache.qpid.server.security;
 
+import static org.apache.qpid.test.utils.TestSSLConstants.JAVA_KEYSTORE_TYPE;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.when;
 
@@ -100,7 +101,7 @@ public class NonJavaTrustStoreTest extends QpidTestCase
 
         KeyStore clientStore = SSLUtil.getInitializedKeyStore(EXPIRED_KEYSTORE,
                                                               KEYSTORE_PASSWORD,
-                                                              "PKCS12");
+                                                              JAVA_KEYSTORE_TYPE);
         String alias = clientStore.aliases().nextElement();
         X509Certificate certificate = (X509Certificate) clientStore.getCertificate(alias);
 
diff --git a/broker-core/src/test/java/org/apache/qpid/server/security/SiteSpecificTrustStoreTest.java b/broker-core/src/test/java/org/apache/qpid/server/security/SiteSpecificTrustStoreTest.java
index f012173..c72ba1c 100644
--- a/broker-core/src/test/java/org/apache/qpid/server/security/SiteSpecificTrustStoreTest.java
+++ b/broker-core/src/test/java/org/apache/qpid/server/security/SiteSpecificTrustStoreTest.java
@@ -21,6 +21,7 @@
 package org.apache.qpid.server.security;
 
 
+import static org.apache.qpid.test.utils.TestSSLConstants.JAVA_KEYSTORE_TYPE;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.when;
 
@@ -253,7 +254,7 @@ public class SiteSpecificTrustStoreTest extends QpidTestCase
             char[] keyPassword = KEYSTORE_PASSWORD.toCharArray();
             try(InputStream inputStream = getClass().getResourceAsStream(KEYSTORE))
             {
-                KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
+                KeyStore keyStore = KeyStore.getInstance(JAVA_KEYSTORE_TYPE);
                 KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                 keyStore.load(inputStream, keyPassword);
                 keyManagerFactory.init(keyStore, keyPassword);
diff --git a/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2MockEndpointHolder.java b/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2MockEndpointHolder.java
index 4c4aa0a..afd4c4d 100644
--- a/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2MockEndpointHolder.java
+++ b/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2MockEndpointHolder.java
@@ -20,6 +20,9 @@
  */
 package org.apache.qpid.server.security.auth.manager.oauth2;
 
+import static java.nio.charset.StandardCharsets.UTF_8;
+import static org.apache.qpid.test.utils.TestSSLConstants.JAVA_KEYSTORE_TYPE;
+
 import java.io.IOException;
 import java.util.Arrays;
 import java.util.Collections;
@@ -31,6 +34,8 @@ import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import com.fasterxml.jackson.core.type.TypeReference;
+import com.fasterxml.jackson.databind.ObjectMapper;
 import junit.framework.TestCase;
 import org.eclipse.jetty.server.Request;
 import org.eclipse.jetty.server.Server;
@@ -84,6 +89,7 @@ class OAuth2MockEndpointHolder
                                               };
         sslContextFactory.setKeyStorePassword(KEYSTORE_PASSWORD);
         sslContextFactory.setKeyStoreResource(Resource.newClassPathResource(KEYSTORE_RESOURCE));
+        sslContextFactory.setKeyStoreType(JAVA_KEYSTORE_TYPE);
 
         // override default jetty excludes as valid IBM JDK are excluded
         // causing SSL handshake failure (due to default exclude '^SSL_.*$')
@@ -153,7 +159,16 @@ class OAuth2MockEndpointHolder
         List<String> listOfStrings = Collections.emptyList();
         if(listAsString != null && !"".equals(listAsString))
         {
-            listOfStrings = Arrays.asList(listAsString.split("\\s*,\\s*"));
+            try
+            {
+                listOfStrings = new ObjectMapper().readValue(listAsString.getBytes(UTF_8), new TypeReference<List<String>>()
+                {
+                });
+            }
+            catch (IOException e)
+            {
+                listOfStrings = Arrays.asList(listAsString.split("\\s*,\\s*"));
+            }
         }
         return listOfStrings;
     }
diff --git a/broker-core/src/test/java/org/apache/qpid/server/ssl/TrustManagerTest.java b/broker-core/src/test/java/org/apache/qpid/server/ssl/TrustManagerTest.java
index 3dcddff..cafbfc8 100644
--- a/broker-core/src/test/java/org/apache/qpid/server/ssl/TrustManagerTest.java
+++ b/broker-core/src/test/java/org/apache/qpid/server/ssl/TrustManagerTest.java
@@ -38,7 +38,7 @@ import org.apache.qpid.server.transport.network.security.ssl.SSLUtil;
 
 public class TrustManagerTest extends QpidTestCase
 {
-    private static final String STORE_TYPE = "pkcs12";
+    private static final String STORE_TYPE = TestSSLConstants.JAVA_KEYSTORE_TYPE;
     private static final String DEFAULT_TRUST_MANAGER_ALGORITHM = TrustManagerFactory.getDefaultAlgorithm();
     private static final String KEYSTORE_PASSWORD = TestSSLConstants.KEYSTORE_PASSWORD;
     private static final String PEER_STORE = "ssl/java_broker_peerstore.pkcs12";
diff --git a/broker-core/src/test/java/org/apache/qpid/server/transport/TCPandSSLTransportTest.java b/broker-core/src/test/java/org/apache/qpid/server/transport/TCPandSSLTransportTest.java
index e83cdd1..08b3d2f 100644
--- a/broker-core/src/test/java/org/apache/qpid/server/transport/TCPandSSLTransportTest.java
+++ b/broker-core/src/test/java/org/apache/qpid/server/transport/TCPandSSLTransportTest.java
@@ -57,6 +57,10 @@ public class TCPandSSLTransportTest extends QpidTestCase
 
     public void testNoSSLv3SupportOnSSLOnlyPort() throws Exception
     {
+        if (getJvmVendor() == JvmVendor.IBM)
+        {
+            return;
+        }
         try
         {
             checkSSLExcluded("SSLv3", Transport.SSL);
@@ -99,6 +103,10 @@ public class TCPandSSLTransportTest extends QpidTestCase
 
     public void testNoSSLv3SupportOnSharedPort() throws Exception
     {
+        if (getJvmVendor() == JvmVendor.IBM)
+        {
+            return;
+        }
         try
         {
             checkSSLExcluded("SSLv3", Transport.TCP, Transport.SSL);
diff --git a/broker-plugins/jdbc-store/src/test/java/org/apache/qpid/server/virtualhost/jdbc/JDBCVirtualHostTest.java b/broker-plugins/jdbc-store/src/test/java/org/apache/qpid/server/virtualhost/jdbc/JDBCVirtualHostTest.java
index 3af9000..069735f 100644
--- a/broker-plugins/jdbc-store/src/test/java/org/apache/qpid/server/virtualhost/jdbc/JDBCVirtualHostTest.java
+++ b/broker-plugins/jdbc-store/src/test/java/org/apache/qpid/server/virtualhost/jdbc/JDBCVirtualHostTest.java
@@ -33,6 +33,7 @@ import org.apache.qpid.server.configuration.updater.CurrentThreadTaskExecutor;
 import org.apache.qpid.server.logging.EventLogger;
 import org.apache.qpid.server.model.Broker;
 import org.apache.qpid.server.model.BrokerModel;
+import org.apache.qpid.server.model.BrokerTestHelper;
 import org.apache.qpid.server.model.ConfiguredObject;
 import org.apache.qpid.server.model.ConfiguredObjectFactoryImpl;
 import org.apache.qpid.server.model.SystemConfig;
@@ -60,7 +61,7 @@ public class JDBCVirtualHostTest extends QpidTestCase
 
     public void testInvalidTableNamePrefix() throws Exception
     {
-        final VirtualHostNode vhn = mock(VirtualHostNode.class);
+        final VirtualHostNode vhn = BrokerTestHelper.mockWithSystemPrincipal(VirtualHostNode.class);
         when(vhn.getCategoryClass()).thenReturn(VirtualHostNode.class);
         when(vhn.getChildExecutor()).thenReturn(_taskExecutor);
         final ConfiguredObjectFactoryImpl factory = new ConfiguredObjectFactoryImpl(BrokerModel.getInstance());
diff --git a/qpid-test-utils/src/main/java/org/apache/qpid/test/utils/QpidTestCase.java b/qpid-test-utils/src/main/java/org/apache/qpid/test/utils/QpidTestCase.java
index 630dbe0..7e8664f 100644
--- a/qpid-test-utils/src/main/java/org/apache/qpid/test/utils/QpidTestCase.java
+++ b/qpid-test-utils/src/main/java/org/apache/qpid/test/utils/QpidTestCase.java
@@ -351,4 +351,35 @@ public class QpidTestCase extends TestCase
         }
         return properties;
     }
+
+    public JvmVendor getJvmVendor()
+    {
+        final String property = String.valueOf(System.getProperty("java.vendor")).toUpperCase();
+        if (property.contains("IBM"))
+        {
+            return JvmVendor.IBM;
+        }
+        else if (property.contains("ORACLE"))
+        {
+            return JvmVendor.ORACLE;
+        }
+        else if (property.contains("OPENJDK"))
+        {
+            return JvmVendor.OPENJDK;
+        }
+        else
+        {
+            return JvmVendor.UNKNOWN;
+        }
+    }
+
+    public enum JvmVendor
+    {
+        ORACLE,
+        IBM,
+        OPENJDK,
+        UNKNOWN
+    }
+
+
 }
diff --git a/qpid-test-utils/src/main/java/org/apache/qpid/test/utils/TestSSLConstants.java b/qpid-test-utils/src/main/java/org/apache/qpid/test/utils/TestSSLConstants.java
index 360ecc9..1d4cc82 100644
--- a/qpid-test-utils/src/main/java/org/apache/qpid/test/utils/TestSSLConstants.java
+++ b/qpid-test-utils/src/main/java/org/apache/qpid/test/utils/TestSSLConstants.java
@@ -41,4 +41,6 @@ public interface TestSSLConstants
     String BROKER_TRUSTSTORE = "test-profiles/test_resources/ssl/java_broker_truststore.jks";
     String BROKER_EXPIRED_TRUSTSTORE = "test-profiles/test_resources/ssl/java_broker_expired_truststore.jks";
     String BROKER_TRUSTSTORE_PASSWORD = "password";
+
+    String JAVA_KEYSTORE_TYPE = "pkcs12";
 }
diff --git a/systests/etc/config-systests.json b/systests/etc/config-systests.json
index c342413..5d644b5 100644
--- a/systests/etc/config-systests.json
+++ b/systests/etc/config-systests.json
@@ -29,12 +29,14 @@
   "keystores" : [ {
     "name" : "systestsKeyStore",
     "storeUrl" : "${qpid.home_dir}${file.separator}..${file.separator}test-profiles${file.separator}test_resources${file.separator}ssl${file.separator}java_broker_keystore.jks",
-    "password" : "password"
+    "password" : "password",
+    "keyStoreType": "pkcs12"
   } ],
   "truststores" : [ {
     "name" : "systestsTrustStore",
     "storeUrl" : "${qpid.home_dir}${file.separator}..${file.separator}test-profiles${file.separator}test_resources${file.separator}ssl${file.separator}java_broker_truststore.jks",
-    "password" : "password"
+    "password" : "password",
+    "trustStoreType": "pkcs12"
   } ],
   "ports" : [  {
     "name" : "amqp",
diff --git a/systests/src/main/java/org/apache/qpid/systest/rest/RestTestHelper.java b/systests/src/main/java/org/apache/qpid/systest/rest/RestTestHelper.java
index 4ba8687..b0a1cdd 100644
--- a/systests/src/main/java/org/apache/qpid/systest/rest/RestTestHelper.java
+++ b/systests/src/main/java/org/apache/qpid/systest/rest/RestTestHelper.java
@@ -19,9 +19,11 @@
 package org.apache.qpid.systest.rest;
 
 import static java.nio.charset.StandardCharsets.UTF_8;
+import static org.apache.qpid.test.utils.TestSSLConstants.JAVA_KEYSTORE_TYPE;
 
 import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
+import java.io.File;
 import java.io.FileNotFoundException;
 import java.io.IOException;
 import java.io.InputStream;
@@ -33,6 +35,7 @@ import java.net.URL;
 import java.net.URLEncoder;
 import java.security.GeneralSecurityException;
 import java.security.KeyStore;
+import java.security.cert.X509Certificate;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.LinkedHashMap;
@@ -47,6 +50,7 @@ import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLSocketFactory;
 import javax.net.ssl.TrustManager;
 import javax.net.ssl.TrustManagerFactory;
+import javax.net.ssl.X509TrustManager;
 import javax.servlet.http.HttpServletResponse;
 import javax.xml.bind.DatatypeConverter;
 
@@ -58,10 +62,10 @@ import org.slf4j.LoggerFactory;
 
 import org.apache.qpid.server.model.Queue;
 import org.apache.qpid.server.model.SystemConfig;
-import org.apache.qpid.ssl.SSLContextFactory;
+import org.apache.qpid.server.transport.network.security.ssl.QpidServerX509KeyManager;
+import org.apache.qpid.server.transport.network.security.ssl.SSLUtil;
 import org.apache.qpid.test.utils.QpidBrokerTestCase;
 import org.apache.qpid.test.utils.TestBrokerConfiguration;
-import org.apache.qpid.transport.network.security.ssl.SSLUtil;
 
 public class RestTestHelper
 {
@@ -160,31 +164,38 @@ public class RestTestHelper
 
         if(_useSslAuth)
         {
+            if (_keystore == null)
+            {
+                throw new IllegalStateException("Cannot use SSL client auth without providing a keystore");
+            }
             try
             {
                 // We have to use a SSLSocketFactory from a new SSLContext so that we don't re-use
                 // the JVM's defaults that may have been initialised in previous tests.
-
                 final TrustManager[] trustManagers;
                 final KeyManager[] keyManagers;
 
-                trustManagers =
-                        SSLContextFactory.getTrustManagers(_truststore,
-                                                           _truststorePassword,
-                                                           KeyStore.getDefaultType(),
-                                                           TrustManagerFactory.getDefaultAlgorithm());
+                KeyStore ts = SSLUtil.getInitializedKeyStore(_truststore, _truststorePassword, JAVA_KEYSTORE_TYPE);
+                TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+                tmf.init(ts);
+                trustManagers = tmf.getTrustManagers();
 
-                if (_keystore == null)
+                if (_clientAuthAlias != null)
                 {
-                    throw new IllegalStateException("Cannot use SSL client auth without providing a keystore");
+                    keyManagers = new KeyManager[]{new QpidServerX509KeyManager(_clientAuthAlias,
+                                                                                new File(_keystore).toURI().toURL(),
+                                                                                JAVA_KEYSTORE_TYPE,
+                                                                                _keystorePassword,
+                                                                                KeyManagerFactory.getDefaultAlgorithm())};
+                }
+                else
+                {
+                    KeyStore ks = SSLUtil.getInitializedKeyStore(_keystore, _keystorePassword, JAVA_KEYSTORE_TYPE);
+                    char[] keyStoreCharPassword = _keystorePassword == null ? null : _keystorePassword.toCharArray();
+                    KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
+                    kmf.init(ks, keyStoreCharPassword);
+                    keyManagers = kmf.getKeyManagers();
                 }
-
-                keyManagers =
-                        SSLContextFactory.getKeyManagers(_keystore,
-                                                         _keystorePassword,
-                                                         KeyStore.getDefaultType(),
-                                                         KeyManagerFactory.getDefaultAlgorithm(),
-                                                         _clientAuthAlias);
 
                 final SSLContext sslContext = SSLUtil.tryGetSSLContext();
 
@@ -207,16 +218,29 @@ public class RestTestHelper
                 // the JVM's defaults that may have been initialised in previous tests.
 
                 final TrustManager[] trustManagers;
-                final KeyManager[] keyManagers;
+                KeyManager[] keyManagers = null;
 
-                trustManagers =
-                        SSLContextFactory.getTrustManagers(_truststore,
-                                                           _truststorePassword,
-                                                           KeyStore.getDefaultType(),
-                                                           TrustManagerFactory.getDefaultAlgorithm());
+                KeyStore ts = SSLUtil.getInitializedKeyStore(_truststore, _truststorePassword, JAVA_KEYSTORE_TYPE);
+                TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+                tmf.init(ts);
+                trustManagers = tmf.getTrustManagers();
 
-                keyManagers =
-                        SSLContextFactory.getKeyManagers(null, null, null, null, null);
+                if (_keystore != null)
+                {
+                    KeyStore _keyStore;
+                    try
+                    {
+                        URL ks = new File(_keystore).toURI().toURL();
+                        _keyStore = SSLUtil.getInitializedKeyStore(ks, _keystorePassword, JAVA_KEYSTORE_TYPE);
+                    }
+                    catch (MalformedURLException e)
+                    {
+                        _keyStore = SSLUtil.getInitializedKeyStore(_keystore, _keystorePassword, JAVA_KEYSTORE_TYPE);
+                    }
+                    KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
+                    kmf.init(_keyStore, _keystorePassword.toCharArray());
+                    keyManagers = kmf.getKeyManagers();
+                }
 
                 final SSLContext sslContext = SSLUtil.tryGetSSLContext();
 
diff --git a/systests/src/test/java/org/apache/qpid/client/ssl/SSLTest.java b/systests/src/test/java/org/apache/qpid/client/ssl/SSLTest.java
index 5703473..898acd6 100644
--- a/systests/src/test/java/org/apache/qpid/client/ssl/SSLTest.java
+++ b/systests/src/test/java/org/apache/qpid/client/ssl/SSLTest.java
@@ -20,6 +20,7 @@
  */
 package org.apache.qpid.client.ssl;
 
+import static org.apache.qpid.test.utils.TestSSLConstants.JAVA_KEYSTORE_TYPE;
 import static org.apache.qpid.test.utils.TestSSLConstants.KEYSTORE;
 import static org.apache.qpid.test.utils.TestSSLConstants.KEYSTORE_PASSWORD;
 import static org.apache.qpid.test.utils.TestSSLConstants.TRUSTSTORE;
@@ -72,6 +73,9 @@ public class SSLTest extends QpidBrokerTestCase
 
         setSslStoreSystemProperties();
 
+        setSystemProperty("javax.net.ssl.trustStoreType", JAVA_KEYSTORE_TYPE);
+        setSystemProperty("javax.net.ssl.keyStoreType", JAVA_KEYSTORE_TYPE);
+
         super.setUp();
     }
 
@@ -106,6 +110,7 @@ public class SSLTest extends QpidBrokerTestCase
                 options.put("transport.keyStorePassword", KEYSTORE_PASSWORD);
                 options.put("transport.trustStoreLocation", TRUSTSTORE);
                 options.put("transport.trustStorePassword", TRUSTSTORE_PASSWORD);
+                options.put("transport.storeType", JAVA_KEYSTORE_TYPE);
 
                 con = getConnectionWithOptions(options);
             }
@@ -675,7 +680,7 @@ public class SSLTest extends QpidBrokerTestCase
 
     private File[] extractResourcesFromTestKeyStore() throws Exception
     {
-        java.security.KeyStore ks = java.security.KeyStore.getInstance(java.security.KeyStore.getDefaultType());
+        java.security.KeyStore ks = java.security.KeyStore.getInstance(JAVA_KEYSTORE_TYPE);
         try(InputStream is = new FileInputStream(KEYSTORE))
         {
             ks.load(is, KEYSTORE_PASSWORD.toCharArray() );
@@ -727,7 +732,7 @@ public class SSLTest extends QpidBrokerTestCase
 
     private File extractCertFileFromTestTrustStore() throws Exception
     {
-        java.security.KeyStore ks = java.security.KeyStore.getInstance(java.security.KeyStore.getDefaultType());
+        java.security.KeyStore ks = java.security.KeyStore.getInstance(JAVA_KEYSTORE_TYPE);
         try(InputStream is = new FileInputStream(TRUSTSTORE))
         {
             ks.load(is, TRUSTSTORE_PASSWORD.toCharArray() );
diff --git a/systests/src/test/java/org/apache/qpid/server/security/auth/manager/ExternalAuthenticationTest.java b/systests/src/test/java/org/apache/qpid/server/security/auth/manager/ExternalAuthenticationTest.java
index 7a6a336..b8fb940 100644
--- a/systests/src/test/java/org/apache/qpid/server/security/auth/manager/ExternalAuthenticationTest.java
+++ b/systests/src/test/java/org/apache/qpid/server/security/auth/manager/ExternalAuthenticationTest.java
@@ -60,7 +60,8 @@ public class ExternalAuthenticationTest extends QpidBrokerTestCase
         setSystemProperty("javax.net.ssl.keyStorePassword", null);
         setSystemProperty("javax.net.ssl.trustStore", null);
         setSystemProperty("javax.net.ssl.trustStorePassword", null);
-
+        setSystemProperty("javax.net.ssl.trustStoreType", JAVA_KEYSTORE_TYPE);
+        setSystemProperty("javax.net.ssl.keyStoreType", JAVA_KEYSTORE_TYPE);
     }
 
     @Override
@@ -236,6 +237,7 @@ public class ExternalAuthenticationTest extends QpidBrokerTestCase
         sslTrustStoreAttributes.put(FileTrustStore.STORE_URL, BROKER_PEERSTORE);
         sslTrustStoreAttributes.put(FileTrustStore.PASSWORD, BROKER_PEERSTORE_PASSWORD);
         sslTrustStoreAttributes.put(FileTrustStore.PEERS_ONLY, true);
+        sslTrustStoreAttributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
         getDefaultBrokerConfiguration().addObjectConfiguration(TrustStore.class, sslTrustStoreAttributes);
 
         super.startDefaultBroker();
@@ -380,6 +382,7 @@ public class ExternalAuthenticationTest extends QpidBrokerTestCase
             if(trustStoreLocation != null)
             {
                 options.put("transport.trustStoreLocation", trustStoreLocation);
+                options.put("transport.trustStoreType", JAVA_KEYSTORE_TYPE);
             }
             if(trustStorePassword != null)
             {
@@ -388,7 +391,7 @@ public class ExternalAuthenticationTest extends QpidBrokerTestCase
             if(keyStoreLocation != null)
             {
                 options.put("transport.keyStoreLocation", keyStoreLocation);
-
+                options.put("transport.keyStoreType", JAVA_KEYSTORE_TYPE);
             }
             if(keyStorePassword != null)
             {
diff --git a/systests/src/test/java/org/apache/qpid/systest/management/amqp/AmqpManagementTest.java b/systests/src/test/java/org/apache/qpid/systest/management/amqp/AmqpManagementTest.java
index 58bc844..050ae42 100644
--- a/systests/src/test/java/org/apache/qpid/systest/management/amqp/AmqpManagementTest.java
+++ b/systests/src/test/java/org/apache/qpid/systest/management/amqp/AmqpManagementTest.java
@@ -21,6 +21,7 @@
 package org.apache.qpid.systest.management.amqp;
 
 import static org.apache.qpid.server.model.Queue.ALERT_THRESHOLD_QUEUE_DEPTH_MESSAGES;
+import static org.apache.qpid.test.utils.TestSSLConstants.JAVA_KEYSTORE_TYPE;
 import static org.apache.qpid.test.utils.TestSSLConstants.TRUSTSTORE;
 import static org.apache.qpid.test.utils.TestSSLConstants.TRUSTSTORE_PASSWORD;
 
@@ -97,6 +98,8 @@ public class AmqpManagementTest extends QpidBrokerTestCase
         // set the ssl system properties
         setSystemProperty("javax.net.ssl.trustStore", TRUSTSTORE);
         setSystemProperty("javax.net.ssl.trustStorePassword", TRUSTSTORE_PASSWORD);
+        setSystemProperty("javax.net.ssl.trustStoreType", JAVA_KEYSTORE_TYPE);
+        setSystemProperty("javax.net.ssl.keyStoreType", JAVA_KEYSTORE_TYPE);
 
         super.setUp();
 
diff --git a/systests/src/test/java/org/apache/qpid/systest/messageencryption/MessageEncryptionTest.java b/systests/src/test/java/org/apache/qpid/systest/messageencryption/MessageEncryptionTest.java
index 1ba42ef..e55a35f 100644
--- a/systests/src/test/java/org/apache/qpid/systest/messageencryption/MessageEncryptionTest.java
+++ b/systests/src/test/java/org/apache/qpid/systest/messageencryption/MessageEncryptionTest.java
@@ -49,6 +49,23 @@ public class MessageEncryptionTest extends QpidBrokerTestCase implements TestSSL
     public static final String INCLUDED_VIRTUAL_HOST_NODE_NAME = "includedVirtualHostNode";
 
     @Override
+    public void setUp() throws Exception
+    {
+        super.setUp();
+
+        // Encryption trust store password is set using system property due to client defect QPID-8283
+        setSystemProperty("javax.net.ssl.trustStorePassword", TestSSLConstants.KEYSTORE_PASSWORD);
+        setSystemProperty("javax.net.ssl.trustStoreType", "pkcs12");
+        setSystemProperty("javax.net.ssl.keyStoreType", "pkcs12");
+    }
+
+    @Override
+    public void tearDown() throws Exception
+    {
+        super.tearDown();
+    }
+
+    @Override
     public void startDefaultBroker() throws Exception
     {
         // tests start broker
diff --git a/systests/src/test/java/org/apache/qpid/systest/rest/KeyStoreRestTest.java b/systests/src/test/java/org/apache/qpid/systest/rest/KeyStoreRestTest.java
index 1b34545..9a7cfeb 100644
--- a/systests/src/test/java/org/apache/qpid/systest/rest/KeyStoreRestTest.java
+++ b/systests/src/test/java/org/apache/qpid/systest/rest/KeyStoreRestTest.java
@@ -49,7 +49,7 @@ public class KeyStoreRestTest extends QpidRestTestCase
         assertEquals("Unexpected name", TestBrokerConfiguration.ENTRY_NAME_SSL_KEYSTORE, keystore.get(KeyStore.NAME));
         assertEquals("unexpected path to key store", ConfiguredObject.OVER_SIZED_ATTRIBUTE_ALTERNATIVE_TEXT, keystore.get(FileKeyStore.STORE_URL));
         assertEquals("unexpected (dummy) password of default systests key store", AbstractConfiguredObject.SECURED_STRING_VALUE, keystore.get(FileKeyStore.PASSWORD));
-        assertEquals("unexpected type of default systests key store", java.security.KeyStore.getDefaultType(), keystore.get(FileKeyStore.KEY_STORE_TYPE));
+        assertEquals("unexpected type of default systests key store", TestSSLConstants.JAVA_KEYSTORE_TYPE, keystore.get(FileKeyStore.KEY_STORE_TYPE));
         assertFalse("should not be a certificateAlias attribute", keystore.containsKey(FileKeyStore.CERTIFICATE_ALIAS));
     }
 
@@ -147,6 +147,7 @@ public class KeyStoreRestTest extends QpidRestTestCase
         keyStoreAttributes.put(KeyStore.NAME, name);
         keyStoreAttributes.put(FileKeyStore.STORE_URL, keyStorePath);
         keyStoreAttributes.put(FileKeyStore.PASSWORD, keystorePassword);
+        keyStoreAttributes.put(FileKeyStore.KEY_STORE_TYPE, TestSSLConstants.JAVA_KEYSTORE_TYPE);
         if (certAlias != null)
         {
             keyStoreAttributes.put(FileKeyStore.CERTIFICATE_ALIAS, certAlias);
diff --git a/systests/src/test/java/org/apache/qpid/systest/rest/TrustStoreRestTest.java b/systests/src/test/java/org/apache/qpid/systest/rest/TrustStoreRestTest.java
index 70759f9..b9ce1bd 100644
--- a/systests/src/test/java/org/apache/qpid/systest/rest/TrustStoreRestTest.java
+++ b/systests/src/test/java/org/apache/qpid/systest/rest/TrustStoreRestTest.java
@@ -50,7 +50,7 @@ public class TrustStoreRestTest extends QpidRestTestCase
         assertEquals("unexpected (dummy) password of default systests trust store",
                      AbstractConfiguredObject.SECURED_STRING_VALUE, truststore.get(FileTrustStore.PASSWORD));
         assertEquals("unexpected type of default systests trust store",
-                java.security.KeyStore.getDefaultType(), truststore.get(FileTrustStore.TRUST_STORE_TYPE));
+                TestSSLConstants.JAVA_KEYSTORE_TYPE, truststore.get(FileTrustStore.TRUST_STORE_TYPE));
         assertEquals("unexpected peersOnly value", false, truststore.get(FileTrustStore.PEERS_ONLY));
     }
 
@@ -67,7 +67,7 @@ public class TrustStoreRestTest extends QpidRestTestCase
         assertEquals("unexpected trust store name", name, truststore.get(TrustStore.NAME));
         assertEquals("unexpected store URL", TestSSLConstants.TRUSTSTORE, truststore.get(FileTrustStore.STORE_URL));
         assertEquals("unexpected password value", AbstractConfiguredObject.SECURED_STRING_VALUE, truststore.get(FileTrustStore.PASSWORD));
-        assertEquals("unexpected type", java.security.KeyStore.getDefaultType(), truststore.get(FileTrustStore.TRUST_STORE_TYPE));
+        assertEquals("unexpected type", TestSSLConstants.JAVA_KEYSTORE_TYPE, truststore.get(FileTrustStore.TRUST_STORE_TYPE));
         assertEquals("unexpected peersOnly value", true, truststore.get(FileTrustStore.PEERS_ONLY));
     }
 
@@ -88,7 +88,7 @@ public class TrustStoreRestTest extends QpidRestTestCase
         assertEquals("nexpected trust store name", name, truststore.get(TrustStore.NAME));
         assertEquals("unexpected store URL value",  ConfiguredObject.OVER_SIZED_ATTRIBUTE_ALTERNATIVE_TEXT, truststore.get(FileTrustStore.STORE_URL));
         assertEquals("unexpected password value", AbstractConfiguredObject.SECURED_STRING_VALUE, truststore.get(FileTrustStore.PASSWORD));
-        assertEquals("unexpected type of trust store", java.security.KeyStore.getDefaultType(), truststore.get(FileTrustStore.TRUST_STORE_TYPE));
+        assertEquals("unexpected type of trust store", TestSSLConstants.JAVA_KEYSTORE_TYPE, truststore.get(FileTrustStore.TRUST_STORE_TYPE));
         assertEquals("unexpected peersOnly value", false, truststore.get(FileTrustStore.PEERS_ONLY));
     }
 
@@ -109,7 +109,7 @@ public class TrustStoreRestTest extends QpidRestTestCase
         assertEquals("unexpected name", TestBrokerConfiguration.ENTRY_NAME_SSL_TRUSTSTORE, truststore.get(TrustStore.NAME));
         assertEquals("unexpected store URL value",  ConfiguredObject.OVER_SIZED_ATTRIBUTE_ALTERNATIVE_TEXT, truststore.get(FileTrustStore.STORE_URL));
         assertEquals("unexpected password value", AbstractConfiguredObject.SECURED_STRING_VALUE, truststore.get(FileTrustStore.PASSWORD));
-        assertEquals("unexpected type of  trust store", java.security.KeyStore.getDefaultType(), truststore.get(FileTrustStore.TRUST_STORE_TYPE));
+        assertEquals("unexpected type of  trust store", TestSSLConstants.JAVA_KEYSTORE_TYPE, truststore.get(FileTrustStore.TRUST_STORE_TYPE));
         assertEquals("unexpected peersOnly value", false, truststore.get(FileTrustStore.PEERS_ONLY));
     }
 
@@ -133,7 +133,7 @@ public class TrustStoreRestTest extends QpidRestTestCase
         assertEquals("unexpected name", name, trustStore.get(TrustStore.NAME));
         assertEquals("unexpected path to trust store",  TestSSLConstants.TRUSTSTORE, trustStore.get(FileTrustStore.STORE_URL));
         assertEquals("unexpected password", AbstractConfiguredObject.SECURED_STRING_VALUE, trustStore.get(FileTrustStore.PASSWORD));
-        assertEquals("unexpected type", java.security.KeyStore.getDefaultType(), trustStore.get(FileTrustStore.TRUST_STORE_TYPE));
+        assertEquals("unexpected type", TestSSLConstants.JAVA_KEYSTORE_TYPE, trustStore.get(FileTrustStore.TRUST_STORE_TYPE));
         assertEquals("unexpected peersOnly value", false, trustStore.get(FileTrustStore.PEERS_ONLY));
     }
 
@@ -154,6 +154,7 @@ public class TrustStoreRestTest extends QpidRestTestCase
         trustStoreAttributes.put(FileTrustStore.STORE_URL, truststorePath);
         trustStoreAttributes.put(FileTrustStore.PASSWORD, truststorePassword);
         trustStoreAttributes.put(FileTrustStore.PEERS_ONLY, peersOnly);
+        trustStoreAttributes.put(FileTrustStore.TRUST_STORE_TYPE, TestSSLConstants.JAVA_KEYSTORE_TYPE);
 
         getRestTestHelper().submitRequest("truststore/" + name, "PUT", trustStoreAttributes, HttpServletResponse.SC_CREATED);
     }
diff --git a/systests/src/test/java/org/apache/qpid/systest/rest/acl/BrokerACLTest.java b/systests/src/test/java/org/apache/qpid/systest/rest/acl/BrokerACLTest.java
index 9f704cf..06a530b 100644
--- a/systests/src/test/java/org/apache/qpid/systest/rest/acl/BrokerACLTest.java
+++ b/systests/src/test/java/org/apache/qpid/systest/rest/acl/BrokerACLTest.java
@@ -1076,6 +1076,7 @@ public class BrokerACLTest extends QpidRestTestCase
         keyStoreAttributes.put(FileKeyStore.STORE_URL, TestSSLConstants.KEYSTORE);
         keyStoreAttributes.put(FileKeyStore.PASSWORD, TestSSLConstants.KEYSTORE_PASSWORD);
         keyStoreAttributes.put(FileKeyStore.CERTIFICATE_ALIAS, certAlias);
+        keyStoreAttributes.put(FileKeyStore.KEY_STORE_TYPE, TestSSLConstants.JAVA_KEYSTORE_TYPE);
 
         return getRestTestHelper().submitRequest("keystore/" + name, "PUT", keyStoreAttributes);
     }
@@ -1087,6 +1088,7 @@ public class BrokerACLTest extends QpidRestTestCase
         trustStoreAttributes.put(FileTrustStore.STORE_URL, TestSSLConstants.KEYSTORE);
         trustStoreAttributes.put(FileTrustStore.PASSWORD, TestSSLConstants.KEYSTORE_PASSWORD);
         trustStoreAttributes.put(FileTrustStore.PEERS_ONLY, peersOnly);
+        trustStoreAttributes.put(FileTrustStore.TRUST_STORE_TYPE, TestSSLConstants.JAVA_KEYSTORE_TYPE);
 
         return getRestTestHelper().submitRequest("truststore/" + name, "PUT", trustStoreAttributes);
     }


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org


Mime
View raw message