From 5deca13557d25ac83c49e35dddbbaf01d8ab686f Mon Sep 17 00:00:00 2001
From: floblanc <floblanc@localhost>
Date: Tue, 10 Mar 2009 13:13:54 +0000
Subject: [PATCH] Fix issue 3860 OpenDS unable to find a certificate in JKS keystore if the alias contains upercase When OpenDS is configured to use alias xxx-cert in JKS keystore, LDAPS does not work if the alias contains upercase.

---
 opends/src/server/org/opends/server/util/SelectableCertificateKeyManager.java |    9 ++++++---
 1 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/opends/src/server/org/opends/server/util/SelectableCertificateKeyManager.java b/opends/src/server/org/opends/server/util/SelectableCertificateKeyManager.java
index 808c73b..d2b450a 100644
--- a/opends/src/server/org/opends/server/util/SelectableCertificateKeyManager.java
+++ b/opends/src/server/org/opends/server/util/SelectableCertificateKeyManager.java
@@ -22,7 +22,7 @@
  * CDDL HEADER END
  *
  *
- *      Copyright 2008 Sun Microsystems, Inc.
+ *      Copyright 2008-2009 Sun Microsystems, Inc.
  */
 package org.opends.server.util;
 
@@ -196,6 +196,9 @@
    * the provided critieria.  This will either return the preferred alias
    * configured for this key manager, or {@code null} if no server certificate
    * with that alias is configured in the underlying key manager.
+   * Note that the returned alias can be transformed in lowercase, depending
+   * on the KeyStore implementation. It is recommended not to use aliases in a
+   * KeyStore that only differ in case.
    *
    * @param  keyType  The public key type for the certificate.
    * @param  issuers  The list of acceptable issuer subject names, or
@@ -213,9 +216,9 @@
     {
       for (String serverAlias : serverAliases)
       {
-        if (serverAlias.equals(alias))
+        if (serverAlias.equalsIgnoreCase(alias))
         {
-          return alias;
+          return serverAlias;
         }
       }
     }

--
Gitblit v1.10.0