Replace System.setProperty(....)

Question

I have this simple JMX client

    public void testTomcatBasicAuthentication() throws Exception
    {
        System.out.println("Test Server Basic Authentication");
        try
        {
            String truststore = "C:\\client.jks";
            String trustStorePassword = "password";

            JMXServiceURL url = new JMXServiceURL("service:jmx:rmi:///jndi/rmi://xxx.xxx.xxx.xxx:9999/jmxrmi");

            HashMap environment = new HashMap();
            String[] credentials = new String[]
            {
                "user", "passwd"
            };
            environment.put(JMXConnector.CREDENTIALS, credentials);
//            environment.put("javax.net.ssl.trustStore", truststore);
//            environment.put("javax.net.ssl.trustStorePassword", trustStorePassword);
//            environment.put("javax.net.ssl.keyStore", truststore);
//            environment.put("javax.net.ssl.keyStorePassword", trustStorePassword);

            KeyManager[] kms = getKeyManagers(truststore, trustStorePassword);
            TrustManager[] tms = getTrustManagers(truststore, trustStorePassword);

            System.setProperty("javax.net.ssl.trustStore", truststore);
            System.setProperty("javax.net.ssl.trustStorePassword", trustStorePassword);
            System.setProperty("javax.net.ssl.keyStore", truststore);
            System.setProperty("javax.net.ssl.keyStorePassword", trustStorePassword);

            JMXConnector jmxc = JMXConnectorFactory.connect(url, environment);
            MBeanServerConnection server = jmxc.getMBeanServerConnection();

            Set<ObjectName> s2 = server.queryNames(new ObjectName("Catalina:type=Server,*"), null);
            for (ObjectName obj : s2)
            {
                ObjectName objname = new ObjectName(obj.getCanonicalName());
                System.out.println("serverInfo " + server.getAttribute(objname, "serverInfo"));
                System.out.println("address " + server.getAttribute(objname, "address"));
                System.out.println("stateName " + server.getAttribute(objname, "stateName"));
            }
        }
        catch (Exception e)
        {
            e.printStackTrace();
        }
    }

How I can replace System.setProperty(....) with Java code? I don't want to use System.setProperty.

Edit. I found this example

Can we use this code?

KeyManager[] kms = getKeyManagers(truststore, trustStorePassword);
            TrustManager[] tms = getTrustManagers(truststore, trustStorePassword);
            SslContext.setCurrentSslContext(new SslContext(kms, tms, null));

private static TrustManager[] getTrustManagers(String location, String password)
        throws IOException, GeneralSecurityException
    {
        // First, get the default TrustManagerFactory.
        String alg = TrustManagerFactory.getDefaultAlgorithm();
        TrustManagerFactory tmFact = TrustManagerFactory.getInstance(alg);

        FileInputStream fis = new FileInputStream(location);
        KeyStore ks = KeyStore.getInstance("jks");
        ks.load(fis, password.toCharArray());
        fis.close();

        tmFact.init(ks);

        // And now get the TrustManagers
        TrustManager[] tms = tmFact.getTrustManagers();
        return tms;
    }

    private static KeyManager[] getKeyManagers(String location, String password)
        throws IOException, GeneralSecurityException
    {
        // First, get the default KeyManagerFactory.
        String alg = KeyManagerFactory.getDefaultAlgorithm();
        KeyManagerFactory kmFact = KeyManagerFactory.getInstance(alg);

        FileInputStream fis = new FileInputStream(location);
        KeyStore ks = KeyStore.getInstance("jks");
        ks.load(fis, password.toCharArray());
        fis.close();

        // Now we initialise the KeyManagerFactory with this KeyStore
        kmFact.init(ks, password.toCharArray());

        // And now get the KeyManagers
        KeyManager[] kms = kmFact.getKeyManagers();
        return kms;
    }

    private static KeyStore keyStoreFromCertificateString(String alias, String certificateString)
        throws NoSuchAlgorithmException, CertificateException, IOException, KeyStoreException
    {
        KeyStore ks = KeyStore.getInstance("jks");
        ks.load(null); // Create empty key store
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        Certificate cert = cf.generateCertificate(new ByteArrayInputStream(certificateString.getBytes()));
        ks.setEntry(alias, new KeyStore.TrustedCertificateEntry(cert), null);
        return ks;
    }

Can you give some idea how we can integrate this code or there should be some other solution?

Answer 1

It seems like it should be relatively easy, but it's not.

You need to pass actual socket factory classes in the environment, see this example. However, the implementations used in that example use the jvm default socket factories. Instead, you need to setup your own SSL*SocketFactory instances with the appropriate key store and trust store. Then you need to implement your own RMI*SocketFactory instances using your configured socket factory(s). You can use the jdk impls as guides, SslRMIClientSocketFactory and SslRMIServerSocketFactory.