View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0004630 | SymmetricDS | Bug | public | 2020-11-06 15:53 | 2020-11-09 15:15 |
| Reporter | pmarzullo | Assigned To | pmarzullo | ||
| Priority | normal | ||||
| Status | closed | Resolution | fixed | ||
| Product Version | 3.12.4 | ||||
| Target Version | 3.12.5 | Fixed in Version | 3.12.5 | ||
| Summary | 0004630: TransportManagerFactory needs to call SelfSignedX509TrustManager constructor with actual trust store used instead of null | ||||
| Description | The TransportManagerFactory, when initializing https, initializes the trust store manager factory with a null reference instead of the currently used trust store. Https2 (Conscrypt), when the trust store reference is null, uses the default trust store which comes from the JRE, which has a default password of "changeit". When the password for the trust store is specified on the command line with a system property that is different than "changeit", Conscrypt fails to open the default trust store because it is using the wrong password (the specified password instead of "changeit"). Need to provide a reference to the actual used trust store when initializing https and the trust store manager factory. | ||||
| Steps To Reproduce | 1. Create a trust store with a different password than "changeit". 2. Specify the trust store password on the command line (wrapper.java.additional=-Djavax.net.ssl.trustStorePassword=someotherpassword) 3. Specify to use https2 4. Start up SymmetricDS. 5. Should fail startup with exception. | ||||
| Tags | security | ||||
|
SymmetricDS: 3.12 77408305 2020-11-06 15:54:47 Details Diff |
0004630: TransportManagerFactory needs to call SelfSignedX509TrustManager constructor with actual trust store used instead of null |
Affected Issues 0004630 |
|
| mod - symmetric-core/src/main/java/org/jumpmind/symmetric/transport/TransportManagerFactory.java | Diff File | ||
|
SymmetricDS: 3.12 25d1b414 2020-11-06 18:48:29 Details Diff |
0004630: TransportManagerFactory needs to call SelfSignedX509TrustManager constructor with actual trust store used instead of null |
Affected Issues 0004630 |
|
| mod - symmetric-util/src/main/java/org/jumpmind/security/SecurityService.java | Diff File | ||
|
SymmetricDS: 3.12 743159e8 2020-11-06 19:42:15 Details Diff |
0004630: TransportManagerFactory needs to call SelfSignedX509TrustManager constructor with actual trust store used instead of null |
Affected Issues 0004630 |
|
| mod - symmetric-core/src/main/java/org/jumpmind/symmetric/transport/TransportManagerFactory.java | Diff File | ||
| mod - symmetric-util/src/main/java/org/jumpmind/security/SecurityService.java | Diff File | ||
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2020-11-06 15:53 | pmarzullo | New Issue | |
| 2020-11-06 15:53 | pmarzullo | Status | new => assigned |
| 2020-11-06 15:53 | pmarzullo | Assigned To | => pmarzullo |
| 2020-11-06 15:53 | pmarzullo | Tag Attached: security | |
| 2020-11-06 15:54 | pmarzullo | Steps to Reproduce Updated | View Revisions |
| 2020-11-06 15:57 | pmarzullo | Status | assigned => resolved |
| 2020-11-06 15:57 | pmarzullo | Resolution | open => fixed |
| 2020-11-06 15:57 | pmarzullo | Fixed in Version | => 3.12.5 |
| 2020-11-06 16:00 | pmarzullo | Changeset attached | => SymmetricDS 3.12 77408305 |
| 2020-11-06 19:00 | pmarzullo | Changeset attached | => SymmetricDS 3.12 25d1b414 |
| 2020-11-06 20:00 | pmarzullo | Changeset attached | => SymmetricDS 3.12 743159e8 |
| 2020-11-09 15:15 | admin | Status | resolved => closed |