From dev-return-75245-archive-asf-public=cust-asf.ponee.io@zookeeper.apache.org Mon Oct 29 06:39:44 2018 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by mx-eu-01.ponee.io (Postfix) with SMTP id 472B918077A for ; Mon, 29 Oct 2018 06:39:15 +0100 (CET) Received: (qmail 92864 invoked by uid 500); 29 Oct 2018 05:39:02 -0000 Mailing-List: contact dev-help@zookeeper.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@zookeeper.apache.org Delivered-To: mailing list dev@zookeeper.apache.org Received: (qmail 92842 invoked by uid 99); 29 Oct 2018 05:39:02 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 29 Oct 2018 05:39:02 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 04924E0057; Mon, 29 Oct 2018 05:39:02 +0000 (UTC) From: anmolnar To: dev@zookeeper.apache.org Reply-To: dev@zookeeper.apache.org References: In-Reply-To: Subject: [GitHub] zookeeper pull request #678: ZOOKEEPER-3173: Quorum TLS - support PEM trust/... Content-Type: text/plain Message-Id: <20181029053902.04924E0057@git1-us-west.apache.org> Date: Mon, 29 Oct 2018 05:39:02 +0000 (UTC) Github user anmolnar commented on a diff in the pull request: https://github.com/apache/zookeeper/pull/678#discussion_r228805464 --- Diff: zookeeper-server/src/main/java/org/apache/zookeeper/common/X509Util.java --- 
@@ -221,15 +279,45 @@ public SSLContext createSSLContext(ZKConfig config) throws SSLContextException { } } - public static X509KeyManager createKeyManager(String keyStoreLocation, String keyStorePassword) + /** + * Creates a key manager by loading the key store from the given file of the given type, optionally decrypting it + * using the given password. + * @param keyStoreLocation the location of the key store file. + * @param keyStorePassword optional password to decrypt the key store. If empty, assumes the key store is not + * encrypted. + * @param keyStoreType must be JKS, PEM, or null. If null, attempts to autodetect the key store type from the file + * extension (.jks / .pem). + * @return the key manager. + * @throws KeyManagerException if something goes wrong. + */ + public static X509KeyManager createKeyManager(String keyStoreLocation, String keyStorePassword, StoreFileType keyStoreType) throws KeyManagerException { FileInputStream inputStream = null; + if (keyStorePassword == null) { + keyStorePassword = ""; + } try { char[] keyStorePasswordChars = keyStorePassword.toCharArray(); File keyStoreFile = new File(keyStoreLocation); - KeyStore ks = KeyStore.getInstance("JKS"); - inputStream = new FileInputStream(keyStoreFile); - ks.load(inputStream, keyStorePasswordChars); + if (keyStoreType == null) { + keyStoreType = detectStoreFileTypeFromFileExtension(keyStoreFile); + } + KeyStore ks; + switch (keyStoreType) { --- End diff -- Thanks @ivmaykov . ---
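Review bot: The new `@param keyStorePassword` text covers only the empty-string case, while the guard added at the top of `createKeyManager` also accepts `null` and rewrites it to `""`, so the Javadoc does not tell callers that an unset password is treated as "key store not encrypted". I would word it as `@param keyStorePassword optional password to decrypt the key store. If null or empty, assumes the key store is not encrypted.` The same Javadoc says a null `keyStoreType` is autodetected from the file extension, but not what happens for an extension other than .jks / .pem. If `detectStoreFileTypeFromFileExtension` (not visible here) can return null, `switch (keyStoreType)` would throw a NullPointerException, so the `@throws` line should state the outcome for an unrecognised extension instead of "if something goes wrong". The switch body and the rest of the method lie outside the quoted hunk, so how each branch uses the empty password cannot be checked from here.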