Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-7145592

NullPointer exception in SSLContext.init() (when creating a trust all i guess)

XMLWordPrintable

      FULL PRODUCT VERSION :
      java version "1.7.0_04-ea"
      Java(TM) SE Runtime Environment (build 1.7.0_04-ea-b11)
      Java HotSpot(TM) 64-Bit Server VM (build 23.0-b14, mixed mode)

      ADDITIONAL OS VERSION INFORMATION :
      Microsoft Windows [Version 6.1.7601]

      A DESCRIPTION OF THE PROBLEM :
      On java 6 and i believe also on a previous java 7 build this works fine, but now i see these things happening, for example in eclipse:

      java.lang.NullPointerException
      at java.util.Collections.addAll(Collections.java:3836)
      at sun.security.ssl.AbstractTrustManagerWrapper.<init>(SSLContextImpl.java:778)
      at sun.security.ssl.SSLContextImpl.chooseTrustManager(SSLContextImpl.java:133)
      at sun.security.ssl.SSLContextImpl.engineInit(SSLContextImpl.java:89)
      at javax.net.ssl.SSLContext.init(SSLContext.java:283)
      at org.eclipse.mylyn.internal.commons.net.PollingSslProtocolSocketFactory.<init>(PollingSslProtocolSocketFactory.java:85)
      at org.eclipse.mylyn.commons.net.WebUtil.<clinit>(WebUtil.java:194)
      at org.eclipse.mylyn.internal.tasks.ui.TasksUiPlugin.start(TasksUiPlugin.java:549)
      at org.eclipse.osgi.framework.internal.core.BundleContextImpl$1.run(BundleContextImpl.java:711)

      also egit where i say "dont verify ssl, because i use self signed certificates" also doesn't work, because i guess they are initializing with an trust all

      I also have that in our own code that also fails in this java version:

      if (useTestSSL)
      {
      trustAllCerts = new TrustManager[] { new X509TrustManager()
      {
      public java.security.cert.X509Certificate[] getAcceptedIssuers()
      {
      return null;
      }

      public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType)
      {
      }

      public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType)
      {
      }
      } };
      }

      SSLContext ctx = SSLContext.getInstance("TLS"); //$NON-NLS-1$
      ctx.init(null, trustAllCerts, null);




      here is also already the same thing reported:

      http://java.net/jira/browse/MACOSX_PORT-787

      REGRESSION. Last worked in version 7

      STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
      see this code:

      trustAllCerts = new TrustManager[] { new X509TrustManager()
      {
      public java.security.cert.X509Certificate[] getAcceptedIssuers()
      {
      return null;
      }

      public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType)
      {
      }

      public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType)
      {
      }
      } };

      SSLContext ctx = SSLContext.getInstance("TLS"); //$NON-NLS-1$
      ctx.init(null, trustAllCerts, null);

      if you init that SSLContext with such a trustAllCerts it will fail

      EXPECTED VERSUS ACTUAL BEHAVIOR :
      EXPECTED -
      That the ssl context is created with a trust all configuraiton
      ACTUAL -
      java.lang.NullPointerException
      at java.util.Collections.addAll(Collections.java:3836)
      at sun.security.ssl.AbstractTrustManagerWrapper.<init>(SSLContextImpl.java:778)
      at sun.security.ssl.SSLContextImpl.chooseTrustManager(SSLContextImpl.java:133)
      at sun.security.ssl.SSLContextImpl.engineInit(SSLContextImpl.java:89)
      at javax.net.ssl.SSLContext.init(SSLContext.java:283)

      REPRODUCIBILITY :
      This bug can be reproduced always.

      CUSTOMER SUBMITTED WORKAROUND :
      use java6

            Unassigned Unassigned
            webbuggrp Webbug Group
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved:
              Imported:
              Indexed: