From b2e3f0a1c302c95c32c57d87aafefe19ab314cd2 Mon Sep 17 00:00:00 2001
From: Bjørn Christian Seime <bjorncs@oath.com>
Date: Thu, 14 Jun 2018 17:01:02 +0200
Subject: Set password when creating key entry

---
 .../instanceproviderservice/AthenzSslKeyStoreConfigurator.java       | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzSslKeyStoreConfigurator.java b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzSslKeyStoreConfigurator.java
index 3437dea9ece..2e0cf04ae4f 100644
--- a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzSslKeyStoreConfigurator.java
+++ b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzSslKeyStoreConfigurator.java
@@ -92,10 +92,11 @@ public class AthenzSslKeyStoreConfigurator extends AbstractComponent implements
         boolean isExpired = certificate.get().getNotAfter().toInstant().isBefore(minimumExpiration);
         if (isExpired) return Optional.empty();
 
+        char[] password = generateKeystorePassword();
         KeyStore keyStore = KeyStoreBuilder.withType(KeyStoreType.JKS)
-                .withKeyEntry(CERTIFICATE_ALIAS, privateKey.get(), certificate.get())
+                .withKeyEntry(CERTIFICATE_ALIAS, privateKey.get(), password, certificate.get())
                 .build();
-        return Optional.of(new KeyStoreAndPassword(keyStore, generateKeystorePassword()));
+        return Optional.of(new KeyStoreAndPassword(keyStore, password));
     }
 
     @Override
-- 
cgit v1.2.3