Reputation: 3046
Which keystore is used when null is passed to KeyManagerFactory.init() in Java?
When I execute the following code:
KeyManagerFactory keyManagerFactory = KeyManagerFactory
.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(null, null);
and then the subsequent establishment of the ssl connection, I get a Exception in thread "main" javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure and not a NullPointerException or something. Which keystore is used then? Or is the NPE hidden?
Upvotes: 2
Views: 1916
Answers (1)
Reputation: 122719
When null is used as the keystore argument of KeyManagerFactory.init(..., ...), no keystore is used (it's in fact using an empty list internally).
There's no "hidden" NullPointerException as such, and there's no reason why there should be one. Of course, using a null value here and an empty collection has consequences when trying to use a keymanager, but not all SSL/TLS connections require a keystore (e.g. client-side without client certificate or anonymous cipher suites).
(Note that, although there is no default value for the keystore, there is one for the truststore, so that default value would be used with TrustManagerFactory.init(null).)
Upvotes: 6
Related Questions
- Sun Java KeyManagerFactory and null passwords
- What is Keystore?
- What is the significance of "key password" in keystore using keytool
- Java - System.setProperty javax.net.ssl.keyStore - Reference to the key file in a Jar
- Where is the location of Keystore file in JAVA?
- Setting up keystore programmatically before getting default SSL context
- why does a JKS load work even when we supply null password?
- How does Javas KeyManagerFactory.init work with multiple keys
- Keystore and Certificate concepts
- Get instance of keystore that JVM loads by default