Java Platform Differences w.r.t. JSSEAs you know, the Ubuntu 8.0.4 (Hardy Heron) gets the OpenJDK implementation with some components from IcedTea. This is a good news. The bad news is that it just breaks GlassFish integration into Ubuntu 8.0.4. The reason is Ubuntu distribution defines some of the custom JSSE properties defined here. There is nothing wrong with this per se. But it was quite surprising that Ubuntu distribution of OpenJDK modifies these properties. I ran a simple program (attached) to find out those differences and here are my findings. I am only listing the properties for which the values differ and critically impacts GlassFish.
1 – This file is your default trust-store, yet, it is not writable by you by default. Thus, none other than root will be able to modify the store. 2 – I don't know what the CertBundle type is. Does anyone know? It looks like X.509 certs in ASCII listed one-by-one. I thought it would be JKS. So what?Ok, an implementation is free to choose any values as long as they are documented. But the fallout is that I have to work around the seemingly strange values chosen by Ubuntu distribution. The empty string for trustStorePassword is especially weird. I am sure they have strong reasons to choose these values, but GlassFish breaks (of course, code assumes certain things and wants the default values in the available JDK platform to play nicely) because of them. Oh well, I am going to fix that on SJSAS91_UR1_BRANCH for GlassFish V2.01. GlassFish bugSee bug logged on IssueTracker. |
