I have a Restlet client that needs to connect to a server with an untrusted cert. Other parts of my application need to connect to servers with trusted certs. I tried setting the trustStore in my client as follows, but once I did this it broke HTTPS calls to servers with trusted certificates. I'm assuming this is because my custom keystore is missing all the default cacert entries.
System.setProperty("javax.net.ssl.trustStore", new File(ccdResourceKeystore).getAbsolutePath());
System.setProperty("javax.net.ssl.trustStorePassword", ccdResourceKeystorePassword);
Is there a way to have this client use a provided keystore and everything else in my app use the standard JRE cacert? I don't really want to muck with the JRE-provided keystore if possible; I would like my client to just work if I ever decide to update the JRE, or deploy on a different server. Is the same logic that applies to a Restlet server supposed to work with a client?
Series<Parameter> parameters = client.getContext().getParameters();
parameters.add("sslContextFactory", "org.restlet.engine.security.DefaultSslContextFactory");
parameters.add("keystorePath", "blah");
parameters.add("keystorePassword", "blah");
parameters.add("keyPassword", "blah");
parameters.add("keystoreType", "JKS");
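
One way to scope a trust store to a single client with plain JSSE, as an added example that is not part of the original post and not Restlet's own code: it builds an SSLContext from the custom store without touching the javax.net.ssl.* system properties, so every other HTTPS call keeps the JRE's default cacerts. The class and method names and the internal.example URL are hypothetical, and handing the context to a Restlet client is not shown.

```java
import java.io.InputStream;
import java.net.URL;
import java.nio.file.*;
import java.security.KeyStore;
import javax.net.ssl.*;

public class ScopedTrustStore {

    // Load a JKS trust store from disk; a null path gives an empty in-memory store (constructed sample).
    static KeyStore load(String path, char[] password) throws Exception {
        KeyStore ks = KeyStore.getInstance("JKS");
        if (path == null) { ks.load(null, null); return ks; }
        try (InputStream in = Files.newInputStream(Paths.get(path))) {
            ks.load(in, password);
        }
        return ks;
    }

    // Trust manager backed by the given store; a null store means the JRE default (cacerts).
    static X509TrustManager trustManager(KeyStore ks) throws Exception {
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ks);
        return (X509TrustManager) tmf.getTrustManagers()[0];
    }

    // SSLContext that validates server certificates against the given store only.
    static SSLContext contextFor(KeyStore ks) throws Exception {
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, new TrustManager[] { trustManager(ks) }, null);
        return ctx;
    }

    // Only this connection uses the custom context; hostname verification stays on.
    static HttpsURLConnection open(URL url, SSLContext ctx) throws Exception {
        HttpsURLConnection c = (HttpsURLConnection) url.openConnection();
        c.setSSLSocketFactory(ctx.getSocketFactory());
        return c;
    }

    public static void main(String[] args) throws Exception {
        // Usage: java ScopedTrustStore <truststore.jks> <password>
        KeyStore custom = args.length == 2 ? load(args[0], args[1].toCharArray()) : load(null, null);
        System.out.println("custom anchors:  " + trustManager(custom).getAcceptedIssuers().length);
        System.out.println("default anchors: " + trustManager(null).getAcceptedIssuers().length);
        System.out.println("javax.net.ssl.trustStore = " + System.getProperty("javax.net.ssl.trustStore"));
        // open(new URL("https://internal.example/"), contextFor(custom)) validates against `custom` only.
    }
}
```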