JDK-7145592 : NullPointer exception in SSLContext.init() (when creating a trust all i guess)
  • Type: Bug
  • Component: security-libs
  • Sub-Component: java.security
  • Affected Version: 7
  • Priority: P4
  • Status: Closed
  • Resolution: Duplicate
  • OS: windows_7
  • CPU: x86
  • Submitted: 2012-02-14
  • Updated: 2012-09-06
  • Resolved: 2012-02-16
Related Reports
Duplicate :  
JDK-7142172 - Custom X509TrustManagers that return null for getAcceptedIssuers will NPE.
Description
FULL PRODUCT VERSION :
java version "1.7.0_04-ea"
Java(TM) SE Runtime Environment (build 1.7.0_04-ea-b11)
Java HotSpot(TM) 64-Bit Server VM (build 23.0-b14, mixed mode)

ADDITIONAL OS VERSION INFORMATION :
Microsoft Windows [Version 6.1.7601]

A DESCRIPTION OF THE PROBLEM :
On java 6 and i believe also on a previous java 7 build this works fine, but now i see these things happening, for example in eclipse:

java.lang.NullPointerException
	at java.util.Collections.addAll(Collections.java:3836)
	at sun.security.ssl.AbstractTrustManagerWrapper.<init>(SSLContextImpl.java:778)
	at sun.security.ssl.SSLContextImpl.chooseTrustManager(SSLContextImpl.java:133)
	at sun.security.ssl.SSLContextImpl.engineInit(SSLContextImpl.java:89)
	at javax.net.ssl.SSLContext.init(SSLContext.java:283)
	at org.eclipse.mylyn.internal.commons.net.PollingSslProtocolSocketFactory.<init>(PollingSslProtocolSocketFactory.java:85)
	at org.eclipse.mylyn.commons.net.WebUtil.<clinit>(WebUtil.java:194)
	at org.eclipse.mylyn.internal.tasks.ui.TasksUiPlugin.start(TasksUiPlugin.java:549)
	at org.eclipse.osgi.framework.internal.core.BundleContextImpl$1.run(BundleContextImpl.java:711)

also egit where i say "dont verify ssl, because i use self signed certificates" also doesn't work, because i guess they are initializing with an trust all

I also have that in our own code that also fails in this java version:

	if (useTestSSL)
			{
				trustAllCerts = new TrustManager[] { new X509TrustManager()
				{
					public java.security.cert.X509Certificate[] getAcceptedIssuers()
					{
						return null;
					}

					public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType)
					{
					}

					public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType)
					{
					}
				} };
			}

			SSLContext ctx = SSLContext.getInstance("TLS"); //$NON-NLS-1$
			ctx.init(null, trustAllCerts, null);




here is also already the same thing reported:

http://java.net/jira/browse/MACOSX_PORT-787

REGRESSION.  Last worked in version 7

STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
see this code:

				trustAllCerts = new TrustManager[] { new X509TrustManager()
				{
					public java.security.cert.X509Certificate[] getAcceptedIssuers()
					{
						return null;
					}

					public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType)
					{
					}

					public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType)
					{
					}
				} };

			SSLContext ctx = SSLContext.getInstance("TLS"); //$NON-NLS-1$
			ctx.init(null, trustAllCerts, null);

if you init that SSLContext with such a trustAllCerts it will fail

EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
That the ssl context is created with a trust all configuraiton
ACTUAL -
java.lang.NullPointerException
	at java.util.Collections.addAll(Collections.java:3836)
	at sun.security.ssl.AbstractTrustManagerWrapper.<init>(SSLContextImpl.java:778)
	at sun.security.ssl.SSLContextImpl.chooseTrustManager(SSLContextImpl.java:133)
	at sun.security.ssl.SSLContextImpl.engineInit(SSLContextImpl.java:89)
	at javax.net.ssl.SSLContext.init(SSLContext.java:283)

REPRODUCIBILITY :
This bug can be reproduced always.

CUSTOMER SUBMITTED WORKAROUND :
use java6