summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSimon Rettberg2025-08-12 13:47:38 +0200
committerSimon Rettberg2025-08-12 13:47:38 +0200
commit4aa4f4360f659f7d0cc9cd2a290163ca0599aa6f (patch)
treeaba20f4f17d7784d34baf33647504a90d0eb65a9
parent[client] Try to use generic SSL and HTTPS context if connection check fails (diff)
downloadtutor-module-4aa4f4360f659f7d0cc9cd2a290163ca0599aa6f.tar.gz
tutor-module-4aa4f4360f659f7d0cc9cd2a290163ca0599aa6f.tar.xz
tutor-module-4aa4f4360f659f7d0cc9cd2a290163ca0599aa6f.zip
[client] Ship our own truststore and use on all platforms but Windows
Diffstat
-rw-r--r--dozentenmodul/src/main/java/org/openslx/dozmod/util/FallbackTrustManager.java19
-rw-r--r--dozentenmodul/src/main/resources/data/truststore.jksbin0 -> 164230 bytes
2 files changed, 13 insertions, 6 deletions
diff --git a/dozentenmodul/src/main/java/org/openslx/dozmod/util/FallbackTrustManager.java b/dozentenmodul/src/main/java/org/openslx/dozmod/util/FallbackTrustManager.java
index 8d59e56c..f927bdca 100644
--- a/dozentenmodul/src/main/java/org/openslx/dozmod/util/FallbackTrustManager.java
+++ b/dozentenmodul/src/main/java/org/openslx/dozmod/util/FallbackTrustManager.java
@@ -1,6 +1,7 @@
package org.openslx.dozmod.util;
import java.io.FileInputStream;
+import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
@@ -22,8 +23,6 @@ public class FallbackTrustManager {
private static FallbackX509TrustManager delegatingTrustManager = null;
public static void install() {
- if (!OsHelper.isWindows())
- return;
// On Windows, use system store in addition to the Java one
LOGGER.info("Installing Fallback X509 truster");
try {
@@ -44,13 +43,21 @@ public class FallbackTrustManager {
X509TrustManager javaTrustManager = getX509TrustManager(javaTMF);
// --- Load Windows root store ---
- KeyStore windowsRoot = KeyStore.getInstance("Windows-ROOT");
- windowsRoot.load(null, null);
+ KeyStore systemRoot;
+ if (OsHelper.isWindows()) {
+ systemRoot = KeyStore.getInstance("Windows-ROOT");
+ systemRoot.load(null, null);
+ } else {
+ systemRoot = KeyStore.getInstance("JKS");
+ try (InputStream is = ResourceLoader.getStream("/data/truststore.jks")) {
+ systemRoot.load(is, password);
+ }
+ }
TrustManagerFactory windowsTMF = TrustManagerFactory.getInstance(
TrustManagerFactory.getDefaultAlgorithm());
- windowsTMF.init(windowsRoot);
- LOGGER.info("Windows entries: " + windowsRoot.size());
+ windowsTMF.init(systemRoot);
+ LOGGER.info("System entries: " + systemRoot.size());
X509TrustManager windowsTrustManager = getX509TrustManager(windowsTMF);
// --- Combine using delegating trust manager ---
diff --git a/dozentenmodul/src/main/resources/data/truststore.jks b/dozentenmodul/src/main/resources/data/truststore.jks
new file mode 100644
index 00000000..ad4c6bb4
--- /dev/null
+++ b/dozentenmodul/src/main/resources/data/truststore.jks
Binary files differ
generated by cgit v1.2.3-55-g7522 (git 2.39.0) at 2026-02-27 17:59:52 +0100