Menu
I'm looking to implement a multi-threaded SSL client that uses client certificate authentication, so I need to provide a KeyStore to the SSLContext. I need to do this on multiple threads. Is it safe to use one instance of the KeyStore? I won't modify the keystore myself, and I'm assuming that the SSL implementation won't need to either, so the object should be effectively immutable.
853
In general, JCA services are not thread-safe, and KeyStoreSpi doesn't impose any thread-safety requirements on implementers. However, if your key store is effectively immutable, and you ensure that its initialized state is visible to all threads, there is no problem. For example, store the KeyStore in a volatile variable, or load it from a class initializer (which can be tricky because of exception handling).
94
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
