[#QFJ-913] SSL warning when using default keystore (quickfixj.keystore)

[QFJ-913] SSL warning when using default keystore (quickfixj.keystore) Created: 07/Feb/17 Updated: 10/May/18 Resolved: 09/May/18
Status:	Closed
Project:	QuickFIX/J
Component/s:	Build, Networking
Affects Version/s:	1.6.0, 1.6.1, 1.6.2, 1.6.3
Fix Version/s:	None

Type:

Bug

Priority:

Default

Reporter:

chenbaoyi

Assignee:

Unassigned

Resolution:

Not a bug

Votes:

Labels:

None

Environment:

java version "1.8.0_92"
Java(TM) SE Runtime Environment (build 1.8.0_92-b14)
Java HotSpot(TM) 64-Bit Server VM (build 25.92-b14, mixed mode)

Linux version 2.6.32-642.11.1.el6.x86_64 ([email protected]) (gcc version 4.4.7 20120313 (Red Hat 4.4.7-17) (GCC) ) #1 SMP Fri Nov 18 19:25:05 UTC 2016

Description

[DEFAULT]
BeginString=FIX.4.3
ConnectionType=initiator
EndDay=xxxxx
StartDay=Sunday
EndTime=xxxxxx
StartTime=xxxxx
HeartBtInt=30
ResetOnLogon=Y
ResetOnLogout=N
ResetOnDisconnect=N
ReconnectInterval=xxxx
FileIncludeMilliseconds=Y
FileIncludeTimeStampForMessages=Y
FileLogPath=xxxxxx
FileStorePath=xxxxx
ValidateUserDefinedFields=N
ValidateFieldsHaveValues=N
ValidateFieldsOutOfOrder=N
ValidateUnorderedGroupFields=N
ValidateSequenceNumbers=N

[SESSION]
Username=xxxxx
Password=xxxxx
SenderCompID=xxx
TargetCompID=xxx
SocketUseSSL=Y
SocketConnectPort=xxxx
SocketConnectHost=xxx.xxx.xxx.xxx
DataDictionary=xxx.xml

using above setting
when connect to acceptor
console will log a warnning
SSLContextFactory.initializeKeyStore:111]quickfixj.keystore: keystore not found, using empty keystore

the root cause of this issue is when building quickfixj-1.6.3
quickfixj-core/pom.xml does not contains the /src/main/resources

Comments

Comment by Christoph John [ 07/Feb/17 ]

Why would you want to use the default keystore shipped with QFJ?

Comment by chenbaoyi [ 07/Feb/17 ]

cuz refer to http://www.quickfixj.org/quickfixj/usermanual/1.6.3/usage/secure_communications.html
The default usage of SSL just only need to set SocketUseSSL=Y

Comment by Christoph John [ 07/Feb/17 ]

OK, great. But believe me, in the real world you really should rely on an own certificate.

Comment by Piyush [ 09/May/18 ]

I am facing the issue with 1.6.4 version as well. Is the issue resolved?

Comment by Christoph John [ 09/May/18 ]

Actually, this is no bug. Just use a custom certificate and specify it using SocketKeyStore property.

Comment by Piyush [ 10/May/18 ]

But I don't have any custom certificate. How to solve this issue without custom certificate,

Comment by Christoph John [ 10/May/18 ]

Just create one: https://www.sslshopper.com/article-how-to-create-a-self-signed-certificate-using-java-keytool.html or https://discuss.pivotal.io/hc/en-us/articles/202652748-Generating-a-self-signed-SSL-certificate-using-the-Java-keytool-command-

But what do you want to use SSL for if you do not have a custom certificate?

Generated at Thu May 02 06:08:50 UTC 2024 using JIRA 7.5.2#75007-sha1:9f5725bb824792b3230a5d8716f0c13e296a3cae.

[QFJ-913] SSL warning when using default keystore (quickfixj.keystore) Created: 07/Feb/17 Updated: 10/May/18 Resolved: 09/May/18