WebClientOptions.setSSLClientCertificateKeyStore(InputStream, String,…

… String) WebClientOptions.setSSLClientCertificateKeyStore(URL, String, String)
HtmlUnit · Dec 9, 2023 · 36b54b6 · 36b54b6
1 parent 33cf1c2
commit 36b54b6
Show file tree

Hide file tree

Showing 2 changed files with 92 additions and 29 deletions.
diff --git a/src/changes/changes.xml b/src/changes/changes.xml
@@ -7,7 +7,17 @@
     </properties>
 
     <body>
-        <release version="3.10.0" date="December xx, 2023" description="Bugfixes">
+        <release version="3.10.0" date="December xx, 2023" description="Chrome/Edge 120, Firefox 120, Bugfixes">
+            <action type="update" dev="rbri">
+                Because the naming of the method and parametes is misleading, the method 
+                WebClientOptions.setSSLClientCertificate(InputStream, String, String) is deprecated. Please use
+                WebClientOptions.setSSLClientCertificateKeyStore(InputStream, String, String) instead.
+            </action>
+            <action type="update" dev="rbri">
+                Because the naming of the method and parametes is misleading, the method 
+                WebClientOptions.setSSLClientCertificate(URL, String, String) is deprecated. Please use
+                WebClientOptions.setSSLClientCertificateKeyStore(URL, String, String) instead.
+            </action>
         </release>
 
 

diff --git a/src/main/java/org/htmlunit/WebClientOptions.java b/src/main/java/org/htmlunit/WebClientOptions.java
@@ -154,36 +154,74 @@ public boolean isRedirectEnabled() {
     }
 
     /**
-     * Sets the SSL client certificate to use. The needed parameters are used to
-     * construct a {@link java.security.KeyStore}.
+     * Sets the SSL client certificate {@link KeyStore} to use.
      * <p>
      * If the web server requires Renegotiation, you have to set system property
      * "sun.security.ssl.allowUnsafeRenegotiation" to true, as hinted in
      * <a href="http://www.oracle.com/technetwork/java/javase/documentation/tlsreadme2-176330.html">
      * TLS Renegotiation Issue</a>.
      * <p>
-     * In some cases the impl seems to pick old certificats from the KeyStore. To avoid
-     * that, wrap your keystore inside your own KeyStore impl and filter out outdated
-     * certificates. Provide the Keystore to the options instead of the input stream.
+     * In some cases the impl seems to pick old certificates from the {@link KeyStore}. To avoid
+     * that, wrap your {@link KeyStore} inside your own {@link KeyStore} impl and filter out outdated
+     * certificates.
      *
-     * @param certificateInputStream the input stream which represents the certificate
+     * @param keyStore {@link KeyStore} to use
+     * @param keyStorePassword the keystore password
+     */
+    public void setSSLClientCertificateKeyStore(final KeyStore keyStore, final char[] keyStorePassword) {
+        sslClientCertificateStore_ = keyStore;
+        sslClientCertificatePassword_ = keyStorePassword == null ? null : keyStorePassword;
+    }
+
+    /**
+     * Sets the SSL client certificate to use.
+     * The needed parameters are used to construct a {@link java.security.KeyStore}.
+     * <p>
+     * If the web server requires Renegotiation, you have to set system property
+     * "sun.security.ssl.allowUnsafeRenegotiation" to true, as hinted in
+     * <a href="http://www.oracle.com/technetwork/java/javase/documentation/tlsreadme2-176330.html">
+     * TLS Renegotiation Issue</a>.
+     *
+     * @param certificateUrl the URL which locates the certificate
      * @param certificatePassword the certificate password
      * @param certificateType the type of certificate, usually {@code jks} or {@code pkcs12}
+     *
+     * @deprecated as of version 3.10.0; use {@link #setSSLClientCertificateKeyStore(URL, String, String)} instead
      */
-    public void setSSLClientCertificate(final InputStream certificateInputStream, final String certificatePassword,
+    @Deprecated
+    public void setSSLClientCertificate(final URL certificateUrl, final String certificatePassword,
             final String certificateType) {
-        try {
-            setSSLClientCertificateKeyStore(
-                    getKeyStore(certificateInputStream, certificatePassword, certificateType),
-                    certificatePassword.toCharArray());
+        setSSLClientCertificateKeyStore(certificateUrl, certificatePassword, certificateType);
+    }
+
+    /**
+     * Sets the SSL client certificate to use.
+     * The needed parameters are used to construct a {@link java.security.KeyStore}.
+     * <p>
+     * If the web server requires Renegotiation, you have to set system property
+     * "sun.security.ssl.allowUnsafeRenegotiation" to true, as hinted in
+     * <a href="http://www.oracle.com/technetwork/java/javase/documentation/tlsreadme2-176330.html">
+     * TLS Renegotiation Issue</a>.
+     *
+     * @param keyStoreUrl the URL which locates the certificate {@link KeyStore}
+     * @param keyStorePassword the certificate {@link KeyStore} password
+     * @param keyStoreType the type of certificate {@link KeyStore}, usually {@code jks} or {@code pkcs12}
+     *
+     */
+    public void setSSLClientCertificateKeyStore(final URL keyStoreUrl, final String keyStorePassword,
+            final String keyStoreType) {
+        try (InputStream is = keyStoreUrl.openStream()) {
+            sslClientCertificateStore_ = getKeyStore(is, keyStorePassword, keyStoreType);
+            sslClientCertificatePassword_ = keyStorePassword == null ? null : keyStorePassword.toCharArray();
         }
         catch (final Exception e) {
             throw new RuntimeException(e);
         }
     }
 
     /**
-     * Sets the SSL client certificate keystore to use.
+     * Sets the SSL client certificate to use. The needed parameters are used to
+     * construct a {@link java.security.KeyStore}.
      * <p>
      * If the web server requires Renegotiation, you have to set system property
      * "sun.security.ssl.allowUnsafeRenegotiation" to true, as hinted in
@@ -192,34 +230,49 @@ public void setSSLClientCertificate(final InputStream certificateInputStream, fi
      * <p>
      * In some cases the impl seems to pick old certificats from the KeyStore. To avoid
      * that, wrap your keystore inside your own KeyStore impl and filter out outdated
-     * certificates.
+     * certificates. Provide the Keystore to the options instead of the input stream.
      *
-     * @param keyStore {@link KeyStore} to use
-     * @param keyStorePassword the keystore password
+     * @param certificateInputStream the input stream which represents the certificate
+     * @param certificatePassword the certificate password
+     * @param certificateType the type of certificate, usually {@code jks} or {@code pkcs12}
+     *
+     * @deprecated as of version 3.10.0;
+     * use {@link #setSSLClientCertificateKeyStore(InputStream, String, String)} instead
      */
-    public void setSSLClientCertificateKeyStore(final KeyStore keyStore, final char[] keyStorePassword) {
-        sslClientCertificateStore_ = keyStore;
-        sslClientCertificatePassword_ = keyStorePassword == null ? null : keyStorePassword;
+    @Deprecated
+    public void setSSLClientCertificate(final InputStream certificateInputStream, final String certificatePassword,
+            final String certificateType) {
+        try {
+            setSSLClientCertificateKeyStore(certificateInputStream, certificatePassword, certificateType);
+        }
+        catch (final Exception e) {
+            throw new RuntimeException(e);
+        }
     }
 
     /**
-     * Sets the SSL client certificate to use.
-     * The needed parameters are used to construct a {@link java.security.KeyStore}.
+     * Sets the SSL client certificate {@link KeyStore} to use. The parameters are used to
+     * construct the {@link KeyStore}.
      * <p>
      * If the web server requires Renegotiation, you have to set system property
      * "sun.security.ssl.allowUnsafeRenegotiation" to true, as hinted in
      * <a href="http://www.oracle.com/technetwork/java/javase/documentation/tlsreadme2-176330.html">
      * TLS Renegotiation Issue</a>.
+     * <p>
+     * In some cases the impl seems to pick old certificates from the {@link KeyStore}. To avoid
+     * that, wrap your {@link KeyStore} inside your own {@link KeyStore} impl and filter out outdated
+     * certificates. Provide the {@link KeyStore} to the options instead of the input stream.
      *
-     * @param certificateUrl the URL which locates the certificate
-     * @param certificatePassword the certificate password
-     * @param certificateType the type of certificate, usually {@code jks} or {@code pkcs12}
+     * @param keyStoreInputStream the input stream which represents the {@link KeyStore} holding the certificates
+     * @param keyStorePassword the {@link KeyStore} password
+     * @param keyStoreType the type of {@link KeyStore}, usually {@code jks} or {@code pkcs12}
      */
-    public void setSSLClientCertificate(final URL certificateUrl, final String certificatePassword,
-            final String certificateType) {
-        try (InputStream is = certificateUrl.openStream()) {
-            sslClientCertificateStore_ = getKeyStore(is, certificatePassword, certificateType);
-            sslClientCertificatePassword_ = certificatePassword == null ? null : certificatePassword.toCharArray();
+    public void setSSLClientCertificateKeyStore(final InputStream keyStoreInputStream,
+            final String keyStorePassword, final String keyStoreType) {
+        try {
+            setSSLClientCertificateKeyStore(
+                    getKeyStore(keyStoreInputStream, keyStorePassword, keyStoreType),
+                    keyStorePassword.toCharArray());
         }
         catch (final Exception e) {
             throw new RuntimeException(e);