dev@grizzly.java.net

Re: Grizzly 2.0: SSL support

From: Bruno Harbulot <Bruno.Harbulot_at_manchester.ac.uk>
Date: Sun, 18 Jan 2009 20:15:43 +0000

Hello,

(Sorry, I'm replying a bit late and perhaps slightly off-topic.)

Oleksiy Stashok wrote:

>>
>> Can you describe what you need to create inside the createSSLContext()?
> Currently, for unit test, it looks like that:
>
> private SSLContext createSSLContext() {
>     SSLContextConfigurator sslContextConfigurator =
>             new SSLContextConfigurator();
>     ClassLoader cl = getClass().getClassLoader();
>     // override system properties
>     URL cacertsUrl = cl.getResource("ssltest-cacerts.jks");
>     if (cacertsUrl != null) {
>         sslContextConfigurator.setTrustStoreFile(cacertsUrl.getFile());
>     }
>
>     // override system properties
>     URL keystoreUrl = cl.getResource("ssltest-keystore.jks");
>     if (keystoreUrl != null) {
>         sslContextConfigurator.setKeyStoreFile(keystoreUrl.getFile());
>     }
>
>     return sslContextConfigurator.createSSLContext();
> }
>
> There could be different ways to create SSLContext... Grizzly 2.0 just
> has a helper class SSLContextConfigurator, which makes SSLContext
> initialization easier.

Just out of curiosity, have you tried to talk to the JDK 7 team to see
if this sort of class could be part of the JRE? I've done a similar
interface (and classes) which I've called SSLContextFactory in jSSLutils
[1] to help with configuring SSLContexts, in particular to configure the
CRLs more easily and to be able to tweak the TrustManagers. (By the way,
this is already in use with the Grizzly connector in Restlet.)
I mentioned this SSLContextFactory on the OpenJDK security mailing list
a few months ago, but I haven't had much feedback. (I understand that
they probably have other priorities, and this is not an emergency indeed.)

Best wishes,

Bruno.

[1] http://www.jsslutils.org/
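
Added example, not part of the original message and not code from Grizzly or jSSLutils: building an SSLContext from a key store and trust store with the standard JSSE classes only, with CRL/revocation checking switched on in the TrustManager, which is the kind of tweak discussed above. The class name `RevocationAwareContext`, the method names and the command-line argument order are assumptions made for this illustration.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.PKIXBuilderParameters;
import java.security.cert.X509CertSelector;
import javax.net.ssl.CertPathTrustManagerParameters;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

// Hypothetical helper class for this example (plain JSSE, no Grizzly types).
public final class RevocationAwareContext {

    static KeyStore load(String path, char[] password) throws Exception {
        KeyStore ks = KeyStore.getInstance("JKS");
        try (InputStream in = new FileInputStream(path)) {
            ks.load(in, password); // verifies store integrity with the password
        }
        return ks;
    }

    // keyStore may be null for a client that presents no certificate.
    static SSLContext create(KeyStore keyStore, char[] keyPassword,
                             KeyStore trustStore) throws Exception {
        KeyManager[] keyManagers = null;
        if (keyStore != null) {
            KeyManagerFactory kmf = KeyManagerFactory.getInstance(
                    KeyManagerFactory.getDefaultAlgorithm());
            kmf.init(keyStore, keyPassword);
            keyManagers = kmf.getKeyManagers();
        }
        // Trust anchors are the trusted entries of trustStore. Revocation is
        // enabled explicitly; the validator then needs a CRL source, e.g. a
        // CertStore added to pkix or -Dcom.sun.security.enableCRLDP=true.
        PKIXBuilderParameters pkix =
                new PKIXBuilderParameters(trustStore, new X509CertSelector());
        pkix.setRevocationEnabled(true);
        TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX");
        tmf.init(new CertPathTrustManagerParameters(pkix));

        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(keyManagers, tmf.getTrustManagers(), null);
        return ctx;
    }

    // Usage: java RevocationAwareContext <truststore.jks> <keystore.jks> <password>
    public static void main(String[] args) throws Exception {
        char[] pw = args[2].toCharArray();
        SSLContext ctx = create(load(args[1], pw), pw, load(args[0], pw));
        System.out.println("Created context for protocol " + ctx.getProtocol());
    }
}
```

With revocation enabled and no reachable CRL source, certificate path validation fails and the handshake is rejected, so the context fails closed rather than silently skipping the check.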