Description of problem: There is a bug in JBossJSSESecurityDomain.java where it attempts to use the keystore/truststore provider to get instances of the trust manager. The code reads: if (trustManagerFactoryProvider != null) trustManagerFactory = TrustManagerFactory.getInstance(algorithm, trustStoreProvider); else trustManagerFactory = TrustManagerFactory.getInstance(algorithm); I think it should read: if (trustManagerFactoryProvider != null) trustManagerFactory = TrustManagerFactory.getInstance(algorithm, trustManagerFactoryProvider); else trustManagerFactory = TrustManagerFactory.getInstance(algorithm); Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: Setup a security-domain that defines a JSSE keystore/truststore: + <!-- + <jsse keystore-url="/home/dehort/dev/java/jboss-eap-6.1.1/standalone/configuration/server.keystore" + keystore-password="123456" + key-manager-factory-algorithm="SunX509" + key-manager-factory-provider="SunJSSE"/> + --> + <jsse truststore-url="/home/dehort/dev/java/jboss-eap-6.1.1/standalone/configuration/server.keystore" + truststore-password="123456" + trust-manager-factory-algorithm="SunX509" + trust-manager-factory-provider="SunJSSE"/> Actual results: Expected results: Additional info:
Fixed. Checked into: https://svn.jboss.org/repos/picketbox/branches/eap62
Included release note text from duplicate bug 1067574. Marking for inclusion in 6.3.0 Release Notes.
Fixed in 4.0.19.SP6 which based on 1088897 should be used in 6.3.0.
Verified in EAP 6.3.0.ER4
As per bz 1097167, this has been set back to known issue. I removed the doc text so here it is, ready to be reinstated: Previous versions of JBoss EAP 6 included a bug which caused JBossJSSESecurityDomain.java to attempt to use the keystore/truststore provider to get instances of the trust manager. This behavior was incorrect as the "trust-manager-factory-provider" setting cannot be used in the JSSE section of a security domain. Using this setting (even if properly configured) would result in an exception during start up. This bug has been resolved in this release and the "trust-manager-factory-provider" setting can now be used to set the `trustManagerFactoryProvider`.
Reinstated doc text.
Making public for inclusion in 6.3.0 Release Notes.