Using constants for default keystore type, file names, password

- in few tests changed to different to avoid confusion

Signed-off-by: David Matějček <[email protected]>

Author: dmatej

appserver/itest-tools/src/main/java/org/glassfish/main/itest/tools/GlassFishTestEnvironment.java

@@ -57,7 +57,9 @@
 import org.glassfish.main.itest.tools.asadmin.StartServ;
 import org.glassfish.main.jdke.security.KeyTool;
 
+import static com.sun.enterprise.util.SystemPropertyConstants.KEYSTORE_FILENAME_DEFAULT;
 import static com.sun.enterprise.util.SystemPropertyConstants.KEYSTORE_PASSWORD_DEFAULT;
+import static com.sun.enterprise.util.SystemPropertyConstants.TRUSTSTORE_FILENAME_DEFAULT;
 import static java.net.http.HttpResponse.BodyHandlers.ofString;
 import static org.glassfish.embeddable.GlassFishVariable.JAVA_HOME;
 import static org.glassfish.main.itest.tools.asadmin.AsadminResultMatcher.asadminOK;
@@ -176,7 +178,7 @@ public static Path getDomain1Directory() {
 
 
     public static KeyStore getDomain1KeyStore() {
-        Path keystore = getDomain1Directory().resolve(Paths.get("config", "keystore.jks"));
+        Path keystore = getDomain1Directory().resolve(Paths.get("config", KEYSTORE_FILENAME_DEFAULT));
         try {
             return new KeyTool(keystore.toFile(), KEYSTORE_PASSWORD_DEFAULT.toCharArray()).loadKeyStore();
         } catch (IOException e) {
@@ -186,7 +188,7 @@ public static KeyStore getDomain1KeyStore() {
 
 
     public static KeyStore getDomain1TrustStore() {
-        Path cacerts = getDomain1Directory().resolve(Paths.get("config", "cacerts.jks"));
+        Path cacerts = getDomain1Directory().resolve(Paths.get("config", TRUSTSTORE_FILENAME_DEFAULT));
         try {
             return new KeyTool(cacerts.toFile(), KEYSTORE_PASSWORD_DEFAULT.toCharArray()).loadKeyStore();
         } catch (IOException e) {

appserver/tests/application/src/test/java/org/glassfish/main/test/app/security/jmac/https/JmacHttpsTest.java

@@ -50,6 +50,7 @@
 import org.junit.jupiter.api.io.TempDir;
 
 import static com.sun.enterprise.util.SystemPropertyConstants.KEYSTORE_PASSWORD_DEFAULT;
+import static com.sun.enterprise.util.SystemPropertyConstants.TRUSTSTORE_FILENAME_DEFAULT;
 import static java.lang.System.Logger.Level.DEBUG;
 import static java.lang.System.Logger.Level.INFO;
 import static java.lang.System.Logger.Level.TRACE;
@@ -84,11 +85,11 @@ public class JmacHttpsTest {
 
     @BeforeAll
     public static void prepareDeployment() throws Exception {
-        myKeyStore = new File(tempDir, "httpstest.jks");
+        myKeyStore = new File(tempDir, "httpstest.p12");
         myKeyStoreTool = new KeyTool(myKeyStore, MYKS_PASSWORD);
         myKeyStoreTool.generateKeyPair("httpstest", "CN=HTTPSTEST,OU=Eclipse GlassFish Tests", "RSA", 7);
 
-        File cacertsFile = getDomain1Directory().resolve(Paths.get("config", "cacerts.jks")).toFile();
+        File cacertsFile = getDomain1Directory().resolve(Paths.get("config", TRUSTSTORE_FILENAME_DEFAULT)).toFile();
         myKeyStoreTool.copyCertificate("httpstest", cacertsFile, KEYSTORE_PASSWORD_DEFAULT.toCharArray());
 
         // Default is false, required to set the client certificate to the context.

appserver/tests/embedded/maven-plugin/secureWebApp/src/test/java/org/glassfish/tests/embedded/securewebapp/SecureWebAppTest.java

@@ -65,7 +65,8 @@ public void checkServerTrusted(X509Certificate[] certs, String authType) {
 
     @BeforeAll
     public static void createKeyStore() throws Exception {
-        File keystore = JUnitSystem.detectBasedir().resolve(Path.of("target", "keystore.jks")).toFile();
+        // The file is set also in system.properties file
+        File keystore = JUnitSystem.detectBasedir().resolve(Path.of("target", "testkeystore.p12")).toFile();
         KeyTool keyTool = new KeyTool(keystore, KEYSTORE_PASSWORD_DEFAULT.toCharArray());
         keyTool.generateKeyPair("s1as", "CN=localhost", "RSA", 1);
     }

appserver/tests/embedded/maven-plugin/secureWebApp/src/test/resources/system.properties

@@ -16,5 +16,5 @@
 #
 
 org.glassfish.embedded.greeting=Hi from BHAVANI
-javax.net.ssl.keyStore=${project.build.directory}/keystore.jks
-javax.net.ssl.trustStore=${project.build.directory}/truststore.jks
+javax.net.ssl.keyStore=${project.build.directory}/testkeystore.p12
+javax.net.ssl.trustStore=${project.build.directory}/testtruststore.p12

appserver/tests/embedded/web/web-api/src/test/java/org/glassfish/tests/embedded/web/EmbeddedAddHttpsListenerTest.java

@@ -20,6 +20,7 @@
 import java.io.BufferedReader;
 import java.io.File;
 import java.io.InputStreamReader;
+import java.net.URI;
 import java.net.URL;
 import java.security.SecureRandom;
 import java.security.cert.X509Certificate;
@@ -34,7 +35,6 @@
 import org.glassfish.embeddable.GlassFish;
 import org.glassfish.embeddable.GlassFishException;
 import org.glassfish.embeddable.GlassFishRuntime;
-import org.glassfish.embeddable.GlassFishVariable;
 import org.glassfish.embeddable.web.HttpsListener;
 import org.glassfish.embeddable.web.WebContainer;
 import org.glassfish.embeddable.web.config.SslConfig;
@@ -46,6 +46,7 @@
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.io.TempDir;
 
+import static org.glassfish.embeddable.GlassFishVariable.KEYSTORE_FILE;
 import static org.glassfish.main.jdke.props.SystemProperties.setProperty;
 
 /**
@@ -56,17 +57,17 @@
 public class EmbeddedAddHttpsListenerTest {
 
     @TempDir
-    static File tempDir;
-    static GlassFish glassfish;
-    static WebContainer embedded;
-    static File root;
-    static String contextRoot = "test";
+    private static File tempDir;
+    private static GlassFish glassfish;
+    private static WebContainer embedded;
+    private static File root;
+    private static File keystore;
 
     @BeforeAll
     public static void setupServer() throws Exception {
 
-        File keystore = new File(tempDir, "keystore.jks");
-        setProperty(GlassFishVariable.KEYSTORE_FILE.getSystemPropertyName(), keystore.getAbsolutePath(), true);
+        keystore = new File(tempDir, "test_keystore.p12");
+        setProperty(KEYSTORE_FILE.getSystemPropertyName(), keystore.getAbsolutePath(), true);
         KeyTool keyTool = new KeyTool(keystore, "changeit".toCharArray());
         keyTool.generateKeyPair("s1as", "CN=localhost", "RSA", 1);
 
@@ -87,7 +88,6 @@ public static void setupServer() throws Exception {
 
     private void createHttpsListener(int port,
                                      String name,
-                                     String keystore,
                                      String password,
                                      String certname) throws Exception {
 
@@ -96,11 +96,8 @@ private void createHttpsListener(int port,
         listener.setId(name);
 
         String keyStorePath = root.getAbsolutePath() + keystore;
-        String trustStorePath = root.getAbsolutePath() + "/cacerts.jks";
-        SslConfig sslConfig = new SslConfig(keyStorePath, trustStorePath);
+        SslConfig sslConfig = new SslConfig(keyStorePath, null);
         sslConfig.setKeyPassword(password.toCharArray());
-        String trustPassword = "changeit";
-        sslConfig.setTrustPassword(trustPassword.toCharArray());
         if (certname != null) {
             sslConfig.setCertNickname(certname);
         }
@@ -110,26 +107,23 @@ private void createHttpsListener(int port,
     }
 
     private void verify(int port) throws Exception {
-
-        URL servlet = new URL("https://localhost:"+port+"/classes/hello");
+        URL servlet = new URI("https://localhost:" + port + "/classes/hello").toURL();
         HttpsURLConnection uc = (HttpsURLConnection) servlet.openConnection();
-        BufferedReader in = new BufferedReader(new InputStreamReader(uc.getInputStream()));
         StringBuilder sb = new StringBuilder();
-        String inputLine;
-        while ((inputLine = in.readLine()) != null){
-            sb.append(inputLine);
+        try (BufferedReader in = new BufferedReader(new InputStreamReader(uc.getInputStream()))) {
+            String inputLine;
+            while ((inputLine = in.readLine()) != null) {
+                sb.append(inputLine);
+            }
         }
-        in.close();
         System.out.println(sb);
         Assertions.assertEquals("Hello World!", sb.toString());
     }
 
     @Test
     public void test() throws Exception {
 
-        createHttpsListener(9191, "default-ssl-listener", "/keystore.jks", "changeit", "s1as");
-        //createHttpsListener(9292, "ssl-listener0", "/keystore0", "password0", "keystore0");
-        //createHttpsListener(9393, "ssl-listener1", "/keystore1", "password1", null);
+        createHttpsListener(9191, "default-ssl-listener", "changeit", "s1as");
 
         Deployer deployer = glassfish.getDeployer();
 

appserver/web/web-core/src/main/java/org/apache/catalina/connector/CoyoteServerSocketFactory.java

@@ -23,6 +23,7 @@
 import java.net.ServerSocket;
 
 import static com.sun.enterprise.util.SystemPropertyConstants.KEYSTORE_PASSWORD_DEFAULT;
+import static com.sun.enterprise.util.SystemPropertyConstants.KEYSTORE_TYPE_DEFAULT;
 
 
 /**
@@ -43,7 +44,7 @@
  * <li><strong>keystorePass</strong> - Password for the Key Store file to be
  *     loaded. ["changeit"]</li>
  * <li><strong>keystoreType</strong> - Type of the Key Store file to be
- *     loaded. ["JKS"]</li>
+ *     loaded.</li>
  * <li><strong>protocol</strong> - SSL protocol to use. [TLS]</li>
  * </ul>
  *
@@ -61,7 +62,7 @@ public class CoyoteServerSocketFactory
     private String randomFile;
     private String rootFile;
     private String keystorePass = KEYSTORE_PASSWORD_DEFAULT;
-    private String keystoreType = "JKS";
+    private String keystoreType = KEYSTORE_TYPE_DEFAULT;
     private String protocol = "TLS";
     private String protocols;
     private String sslImplementation;

appserver/web/web-glue/src/main/java/com/sun/enterprise/web/connector/coyote/PECoyoteConnector.java

@@ -60,16 +60,14 @@
 import org.glassfish.web.admin.monitor.RequestProbeProvider;
 import org.glassfish.web.util.IntrospectionUtils;
 
+import static com.sun.enterprise.util.SystemPropertyConstants.KEYSTORE_TYPE_DEFAULT;
 import static org.glassfish.embeddable.GlassFishVariable.KEYSTORE_FILE;
 import static org.glassfish.embeddable.GlassFishVariable.KEYSTORE_TYPE;
 import static org.glassfish.embeddable.GlassFishVariable.TRUSTSTORE_FILE;
 import static org.glassfish.embeddable.GlassFishVariable.TRUSTSTORE_TYPE;
 
 public class PECoyoteConnector extends Connector {
 
-    private static final String DEFAULT_KEYSTORE_TYPE = "JKS";
-    private static final String DEFAULT_TRUSTSTORE_TYPE = "JKS";
-
     private static final String DUMMY_CONNECTOR_LAUNCHER = DummyConnectorLauncher.class.getName();
 
     protected static final Logger _logger = LogFacade.getLogger();
@@ -1334,14 +1332,14 @@ private void configureSSL(NetworkListener listener) {
      */
     private void configureKeysAndCerts() {
         String prop = System.getProperty(KEYSTORE_FILE.getSystemPropertyName());
-        String keyStoreType = System.getProperty(KEYSTORE_TYPE.getSystemPropertyName(), DEFAULT_KEYSTORE_TYPE);
+        String keyStoreType = System.getProperty(KEYSTORE_TYPE.getSystemPropertyName(), KEYSTORE_TYPE_DEFAULT);
         if (prop != null) {
             setKeystoreFile(prop);
             setKeystoreType(keyStoreType);
         }
 
         prop = System.getProperty(TRUSTSTORE_FILE.getSystemPropertyName());
-        keyStoreType = System.getProperty(TRUSTSTORE_TYPE.getSystemPropertyName(), DEFAULT_TRUSTSTORE_TYPE);
+        keyStoreType = System.getProperty(TRUSTSTORE_TYPE.getSystemPropertyName(), KEYSTORE_TYPE_DEFAULT);
         if (prop != null) {
             setTruststore(prop);
             setTruststoreType(keyStoreType);

nucleus/admin/server-mgmt/src/main/java/com/sun/enterprise/admin/servermgmt/KeystoreManager.java

@@ -32,8 +32,8 @@
 
 import org.glassfish.main.jdke.security.KeyTool;
 
-import static com.sun.enterprise.admin.servermgmt.domain.DomainConstants.KEYSTORE_FILE;
-import static com.sun.enterprise.admin.servermgmt.domain.DomainConstants.TRUSTSTORE_FILE;
+import static com.sun.enterprise.util.SystemPropertyConstants.KEYSTORE_FILENAME_DEFAULT;
+import static com.sun.enterprise.util.SystemPropertyConstants.TRUSTSTORE_FILENAME_DEFAULT;
 
 /**
  * @author kebbs
@@ -102,8 +102,8 @@ protected void createKeyStore(File keyStore, RepositoryConfig config, String mas
 
     protected void copyCertificatesToTrustStore(File configRoot, DomainConfig config, String masterPassword)
         throws DomainException {
-        final File keyStore = new File(configRoot, KEYSTORE_FILE);
-        final File trustStore = new File(configRoot, TRUSTSTORE_FILE);
+        final File keyStore = new File(configRoot, KEYSTORE_FILENAME_DEFAULT);
+        final File trustStore = new File(configRoot, TRUSTSTORE_FILENAME_DEFAULT);
         final KeyTool keyTool = new KeyTool(keyStore, masterPassword.toCharArray());
         try {
             keyTool.copyCertificate(CERTIFICATE_ALIAS, trustStore);

nucleus/admin/server-mgmt/src/main/java/com/sun/enterprise/admin/servermgmt/cli/LocalServerCommand.java

@@ -47,6 +47,7 @@
 import static com.sun.enterprise.admin.cli.CLIConstants.DEFAULT_HOSTNAME;
 import static com.sun.enterprise.admin.cli.ProgramOptions.PasswordLocation.LOCAL_PASSWORD;
 import static com.sun.enterprise.util.SystemPropertyConstants.KEYSTORE_PASSWORD_DEFAULT;
+import static com.sun.enterprise.util.SystemPropertyConstants.TRUSTSTORE_FILENAME_DEFAULT;
 import static java.util.logging.Level.CONFIG;
 import static java.util.logging.Level.FINER;
 
@@ -408,7 +409,7 @@ private File getJKS() {
             return null;
         }
 
-        File mp = new File(new File(serverDirs.getServerDir(), "config"), "cacerts.jks");
+        File mp = new File(new File(serverDirs.getServerDir(), "config"), TRUSTSTORE_FILENAME_DEFAULT);
         if (!mp.canRead()) {
             return null;
         }

nucleus/admin/server-mgmt/src/main/java/com/sun/enterprise/admin/servermgmt/domain/DomainBuilder.java

@@ -49,6 +49,7 @@
 import java.util.logging.Logger;
 
 import static com.sun.enterprise.admin.servermgmt.domain.DomainConstants.DOMAIN_XML_FILE;
+import static com.sun.enterprise.util.SystemPropertyConstants.KEYSTORE_FILENAME_DEFAULT;
 import static java.text.MessageFormat.format;
 import static org.glassfish.embeddable.GlassFishVariable.INSTALL_ROOT;
 
@@ -137,7 +138,7 @@ private void initialize() throws DomainException {
             _domainTempalte = new DomainTemplate(templateInfoHolder, stringSubstitutor, templateJarPath);
 
             // Loads default self signed certificate.
-            je = _templateJar.getJarEntry("config/" + DomainConstants.KEYSTORE_FILE);
+            je = _templateJar.getJarEntry("config/" + KEYSTORE_FILENAME_DEFAULT);
             if (je != null) {
                 _keystoreBytes = new byte[(int) je.getSize()];
                 InputStream in = null;

nucleus/admin/server-mgmt/src/main/java/com/sun/enterprise/admin/servermgmt/domain/DomainConstants.java

@@ -1,4 +1,5 @@
 /*
+ * Copyright (c) 2025 Contributors to the Eclipse Foundation.
  * Copyright (c) 2013, 2018 Oracle and/or its affiliates. All rights reserved.
  *
  * This program and the accompanying materials are made available under the
@@ -13,10 +14,13 @@
  *
  * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
  */
-
 package com.sun.enterprise.admin.servermgmt.domain;
 
-public class DomainConstants {
+public final class DomainConstants {
+
+    private DomainConstants() {
+        // Prevent instantiation
+    }
 
     /** Filename contains encrypted admin credentials. */
     public static final String ADMIN_KEY_FILE = "admin-keyfile";
@@ -36,15 +40,9 @@ public class DomainConstants {
     /** Name of directory stores the domain information. */
     public static final String INFO_DIRECTORY = "init-info";
 
-    /** Filename contains the server certificates, including its private key. */
-    public static final String KEYSTORE_FILE = "keystore.jks";
-
     /** Master password file name stores the password for secure key store. */
     public static final String MASTERPASSWORD_FILE = "master-password";
 
-    /** Filename contains the trusted certificates, including public keys. */
-    public static final String TRUSTSTORE_FILE = "cacerts.jks";
-
     /** Filename contains most of the domain configuration. */
     public static final String DOMAIN_XML_FILE = "domain.xml";
 }

nucleus/admin/server-mgmt/src/main/java/com/sun/enterprise/admin/servermgmt/domain/DomainSecurity.java

@@ -27,9 +27,9 @@
 
 import org.glassfish.security.common.FileRealmHelper;
 
-import static com.sun.enterprise.admin.servermgmt.domain.DomainConstants.KEYSTORE_FILE;
-import static com.sun.enterprise.admin.servermgmt.domain.DomainConstants.TRUSTSTORE_FILE;
+import static com.sun.enterprise.util.SystemPropertyConstants.KEYSTORE_FILENAME_DEFAULT;
 import static com.sun.enterprise.util.SystemPropertyConstants.KEYSTORE_PASSWORD_DEFAULT;
+import static com.sun.enterprise.util.SystemPropertyConstants.TRUSTSTORE_FILENAME_DEFAULT;
 
 public class DomainSecurity extends MasterPasswordFileManager {
 
@@ -75,8 +75,8 @@ void createPasswordAliasKeystore(File pwFile, String password) throws Repository
      * @throws RepositoryException if any error occurs during keystore creation.
      */
     void createSSLCertificateDatabase(File configDir, DomainConfig config, String masterPassword) throws RepositoryException {
-        createKeyStore(new File(configDir, KEYSTORE_FILE), config, masterPassword);
-        changeKeystorePassword(KEYSTORE_PASSWORD_DEFAULT, masterPassword, new File(configDir, TRUSTSTORE_FILE));
+        createKeyStore(new File(configDir, KEYSTORE_FILENAME_DEFAULT), config, masterPassword);
+        changeKeystorePassword(KEYSTORE_PASSWORD_DEFAULT, masterPassword, new File(configDir, TRUSTSTORE_FILENAME_DEFAULT));
         copyCertificatesToTrustStore(configDir, config, masterPassword);
     }
 

nucleus/admin/server-mgmt/src/main/java/com/sun/enterprise/admin/servermgmt/pe/PEFileLayout.java

@@ -30,6 +30,8 @@
 import java.util.Locale;
 import java.util.Map;
 
+import static com.sun.enterprise.util.SystemPropertyConstants.KEYSTORE_FILENAME_DEFAULT;
+import static com.sun.enterprise.util.SystemPropertyConstants.TRUSTSTORE_FILENAME_DEFAULT;
 import static java.text.MessageFormat.format;
 
 public class PEFileLayout {
@@ -534,17 +536,12 @@ public File getWssServerConfig() {
         return new File(getConfigRoot(), WSSSERVERCONFIG);
     }
 
-    public static final String KEYSTORE = "keystore.jks";
-
     public File getKeyStore() {
-        return new File(getConfigRoot(), KEYSTORE);
+        return new File(getConfigRoot(), KEYSTORE_FILENAME_DEFAULT);
     }
 
-
-    public static final String TRUSTSTORE = "cacerts.jks";
-
     public File getTrustStore() {
-        return new File(getConfigRoot(), TRUSTSTORE);
+        return new File(getConfigRoot(), TRUSTSTORE_FILENAME_DEFAULT);
     }
 
     public static final String MASTERPASSWORD_FILE = "master-password";