log x509 cert

telefonicaid · Jun 27, 2024 · 220bb52 · 220bb52
1 parent f6df99b
commit 220bb52
Showing 1 changed file with 7 additions and 8 deletions.
diff --git a/cygnus-common/src/main/java/com/telefonica/iot/cygnus/backends/mongo/MongoBackendImpl.java b/cygnus-common/src/main/java/com/telefonica/iot/cygnus/backends/mongo/MongoBackendImpl.java
@@ -611,23 +611,22 @@ private MongoDatabase getDatabase(String dbName) {
                 try {
                     KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                     if ((sslKeystorePathFile != null) && !sslKeystorePathFile.isEmpty()) {
-                        try (InputStream keyStoreStream = new FileInputStream(sslKeystorePathFile)) {
+                        InputStream keyStoreStream = new FileInputStream(sslKeystorePathFile);
                         keyStore.load(keyStoreStream, sslKeystorePassword.toCharArray());
-                        }
                     } else {
                         keyStore.load(null);
                     }
                     if ((sslCAPathFile != null) && !sslCAPathFile.isEmpty()) {
-                        try (InputStream trustStoreStream = new FileInputStream(sslCAPathFile)) {
-                            CertificateFactory cf = CertificateFactory.getInstance("X.509");
-                            X509Certificate caCert = (X509Certificate) cf.generateCertificate(trustStoreStream);
-                            keyStore.setCertificateEntry("caCert", caCert);
-                        }
+                        InputStream caStream = new FileInputStream(sslCAPathFile);
+                        CertificateFactory cf = CertificateFactory.getInstance("X.509");
+                        X509Certificate caCert = (X509Certificate) cf.generateCertificate(caStream);
+                        LOGGER.debug("CA subjectDN: " + caCert.getSubjectDN());
+                        keyStore.setCertificateEntry("caCert", caCert);
                     }
                     TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                     trustManagerFactory.init(keyStore);
                     sslContext = SSLContext.getInstance("TLS");
-                    sslContext.init(null, trustManagerFactory.getTrustManagers(), new java.security.SecureRandom());
+                    sslContext.init(null, trustManagerFactory.getTrustManagers(), null);
                 } catch (Exception e) {
                     LOGGER.warn("Error when init SSL Context: " + e.getMessage());
                 }