added truststore support

2026-06-30 17:53:01 +02:00 · 2026-06-30 17:53:01 +02:00 · d0f0a16c57
commit d0f0a16c57
parent 342ab14cb2
3 changed files with 33 additions and 0 deletions
--- a/src/main/java/cz/trask/adfs/AdfsAuthMsServer.java
+++ b/src/main/java/cz/trask/adfs/AdfsAuthMsServer.java
@ -38,6 +38,9 @@ public class AdfsAuthMsServer {
        AdfsTokenService tokenService = new AdfsTokenService(config.getAdfs(), objectMapper);

        this.server = createServer(config);
+        
+        applySslTrustProperties(config);
+
        List<ContextConfig> contexts = config.getServer().getContexts().getContext();
        for (ContextConfig contextConfig : contexts) {
            logger.debug("Creating context: {} -> {}", contextConfig.getPath(), contextConfig.getClassName());
@ -64,6 +67,16 @@ public class AdfsAuthMsServer {
        logger.info("ADFS auth microservice started on {}", server.getAddress());
    }

+    private void applySslTrustProperties(AppConfig config) {
+        if (config.getTrustStore() != null && !config.getTrustStore().isBlank()) {
+            logger.info("Setting javax.net.ssl.trustStore to {}", config.getTrustStore());
+            System.setProperty("javax.net.ssl.trustStore", config.getTrustStore());
+            if (config.getTrustStorePassword() != null) {
+                System.setProperty("javax.net.ssl.trustStorePassword", config.getTrustStorePassword());
+            }
+        }
+    }
+
    private HttpServer createServer(AppConfig config) throws Exception {
        String type = config.getServer().getType();
        int port = config.getServer().getPort();
--- a/src/main/java/cz/trask/adfs/config/AppConfig.java
+++ b/src/main/java/cz/trask/adfs/config/AppConfig.java
@ -8,6 +8,8 @@ public class AppConfig {
    private ServerConfig server = new ServerConfig();
    private AdfsConfig adfs = new AdfsConfig();
    private String backendUrl;
+    private String trustStore;
+    private String trustStorePassword;

    public ServerConfig getServer() {
        return server;
@ -33,6 +35,22 @@ public class AppConfig {
        this.backendUrl = backendUrl;
    }

+    public String getTrustStore() {
+        return trustStore;
+    }
+
+    public void setTrustStore(String trustStore) {
+        this.trustStore = trustStore;
+    }
+
+    public String getTrustStorePassword() {
+        return trustStorePassword;
+    }
+
+    public void setTrustStorePassword(String trustStorePassword) {
+        this.trustStorePassword = trustStorePassword;
+    }
+
    public static class ServerConfig {
        private String type = "http";
        private int port = 8080;
--- a/src/main/resources/config.yaml
+++ b/src/main/resources/config.yaml
@ -23,3 +23,5 @@ adfs:
  proxyPassword: ""

 backendUrl: "https://calc.kamma.cz/add?x=543&y=123"
+trustStore: "/home/kamma/java/jdk-11.0.29+7/lib/security/cacerts"
+trustStorePassword: "changeit"