From 4aa4f4360f659f7d0cc9cd2a290163ca0599aa6f Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Tue, 12 Aug 2025 13:47:38 +0200
Subject: [client] Ship our own truststore and use on all platforms but Windows

---
 .../org/openslx/dozmod/util/FallbackTrustManager.java | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)

(limited to 'dozentenmodul/src/main/java/org')

diff --git a/dozentenmodul/src/main/java/org/openslx/dozmod/util/FallbackTrustManager.java b/dozentenmodul/src/main/java/org/openslx/dozmod/util/FallbackTrustManager.java
index 8d59e56c..f927bdca 100644
--- a/dozentenmodul/src/main/java/org/openslx/dozmod/util/FallbackTrustManager.java
+++ b/dozentenmodul/src/main/java/org/openslx/dozmod/util/FallbackTrustManager.java
@@ -1,6 +1,7 @@
 package org.openslx.dozmod.util;
 
 import java.io.FileInputStream;
+import java.io.InputStream;
 import java.security.KeyStore;
 import java.security.cert.X509Certificate;
 
@@ -22,8 +23,6 @@ public class FallbackTrustManager {
 	private static FallbackX509TrustManager delegatingTrustManager = null;
 
 	public static void install() {
-		if (!OsHelper.isWindows())
-			return;
 		// On Windows, use system store in addition to the Java one
 		LOGGER.info("Installing Fallback X509 truster");
 		try {
@@ -44,13 +43,21 @@ public class FallbackTrustManager {
 			X509TrustManager javaTrustManager = getX509TrustManager(javaTMF);
 
 			// --- Load Windows root store ---
-			KeyStore windowsRoot = KeyStore.getInstance("Windows-ROOT");
-			windowsRoot.load(null, null);
+			KeyStore systemRoot;
+			if (OsHelper.isWindows()) {
+				systemRoot = KeyStore.getInstance("Windows-ROOT");
+				systemRoot.load(null, null);
+			} else {
+				systemRoot = KeyStore.getInstance("JKS");
+				try (InputStream is = ResourceLoader.getStream("/data/truststore.jks")) {
+					systemRoot.load(is, password);
+				}
+			}
 
 			TrustManagerFactory windowsTMF = TrustManagerFactory.getInstance(
 					TrustManagerFactory.getDefaultAlgorithm());
-			windowsTMF.init(windowsRoot);
-			LOGGER.info("Windows entries: " + windowsRoot.size());
+			windowsTMF.init(systemRoot);
+			LOGGER.info("System entries: " + systemRoot.size());
 			X509TrustManager windowsTrustManager = getX509TrustManager(windowsTMF);
 
 			// --- Combine using delegating trust manager ---
-- 
cgit v1.2.3-55-g7522