httpcore5/src/main/java/org/apache/hc/core5/ssl/SSLContexts.java

            
                      Original file line number
                      Diff line number
                      Diff line change
                  
    @@ -27,7 +27,6 @@
  
    package org.apache.hc.core5.ssl;

    import java.security.KeyManagementException;

    import java.security.NoSuchAlgorithmException;

    import javax.net.ssl.SSLContext;

    @@ -41,7 +40,7 @@
  
     * SSLContext#init(KeyManager[], TrustManager[], SecureRandom)}

     * accepts multiple key and trust managers, however only only first matching type is ever used.

     * See for example:

     * <a href="http://docs.oracle.com/javase/7/docs/api/javax/net/ssl/SSLContext.html#init%28javax.net.ssl.KeyManager[],%20javax.net.ssl.TrustManager[],%20java.security.SecureRandom%29">

     * <a href="https://docs.oracle.com/javase/8/docs/api/javax/net/ssl/SSLContext.html#init-javax.net.ssl.KeyManager:A-javax.net.ssl.TrustManager:A-java.security.SecureRandom-">

     * SSLContext.html#init

     * </a>

     * @since 4.4

    @@ -53,40 +52,31 @@ private SSLContexts() {
  
        }

        /**

         * Creates default factory based on the standard JSSE trust material

         * ({@code cacerts} file in the security properties directory). System properties

         * are not taken into consideration.

         * Returns the JDK default {@link SSLContext}.

         *

         * @return the default SSL socket factory

         * @throws SSLInitializationException if NoSuchAlgorithmException or KeyManagementException

         * are thrown when invoking {@link SSLContext#getInstance(String)}

         * @return the default JDK SSL context

         * @throws SSLInitializationException if NoSuchAlgorithmException

         * is thrown when invoking {@link SSLContext#getInstance(String)}

         */

        public static SSLContext createDefault() throws SSLInitializationException {

            try {

                final SSLContext sslContext = SSLContext.getInstance(SSLContextBuilder.TLS);

                sslContext.init(null, null, null);

                return sslContext;

            } catch (final NoSuchAlgorithmException | KeyManagementException ex) {

                throw new SSLInitializationException(ex.getMessage(), ex);

                return SSLContext.getDefault();

            } catch (final NoSuchAlgorithmException ex) {

                return createDefault();

            }

        }

        /**

         * Creates default SSL context based on system properties. This method obtains

         * default SSL context by calling {@code SSLContext.getInstance("Default")}.

         * Please note that {@code Default} algorithm is supported as of Java 6.

         * This method will fall back onto {@link #createDefault()} when

         * {@code Default} algorithm is not available.

         * Deprecated alias for {@link #createDefault()}.

         *

         * @return default system SSL context

         * @throws SSLInitializationException if {@link #createDefault()} throws it

         * @return the default JDK SSL context

         * @throws SSLInitializationException if NoSuchAlgorithmException

         * is thrown when invoking {@link SSLContext#getInstance(String)}

         * @deprecated Call {@link #createDefault} instead

         */

        @Deprecated

        public static SSLContext createSystemDefault() throws SSLInitializationException {

            try {

                return SSLContext.getDefault();

            } catch (final NoSuchAlgorithmException ex) {

                return createDefault();

            }

            return createDefault();

        }

        /**

httpcore5/src/test/java/org/apache/hc/core5/ssl/SSLContextsTest.java

-Original file line number
+Diff line change
@@ Expand Up / @@ -50,7 +50,7 @@ void createDefault() { @@
             final SSLContext sslContext = SSLContexts.createDefault();
             assertAll(
                     () -> assertNotNull(sslContext),
-                    () -> assertEquals(SSLContextBuilder.TLS, sslContext.getProtocol()),
+                    () -> assertEquals("Default", sslContext.getProtocol()),
                     () -> assertNotNull(sslContext.getProvider())
             );
         }
@@ Expand Down Expand Up @@
                     () -> assertEquals("SunJSSE", sslContext.getProvider().getName())
             );
         }
-    }
+    }

SSLContexts: Respect system properties by default #607

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged

rschmitt merged 1 commit into apache:master from rschmitt:system

Jan 26, 2026

-Original file line number
+Diff line change
@@ Expand Up / @@ -50,7 +50,7 @@ void createDefault() { @@
             final SSLContext sslContext = SSLContexts.createDefault();
             assertAll(
                     () -> assertNotNull(sslContext),
-                    () -> assertEquals(SSLContextBuilder.TLS, sslContext.getProtocol()),
+                    () -> assertEquals("Default", sslContext.getProtocol()),
                     () -> assertNotNull(sslContext.getProvider())
             );
         }
@@ Expand Down Expand Up @@
                     () -> assertEquals("SunJSSE", sslContext.getProvider().getName())
             );
         }
-    }
+    }

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

SSLContexts: Respect system properties by default #607

Uh oh!

Diff view

Diff view

There are no files selected for viewing

Uh oh!