Decorate KeyManager for Undertow only when an alias is configured

Fixes gh-9351

Author: mbhave

spring-boot/src/main/java/org/springframework/boot/context/embedded/undertow/UndertowEmbeddedServletContainerFactory.java

@@ -316,8 +316,12 @@ private KeyManager[] getKeyManagers() {
 				keyPassword = ssl.getKeyStorePassword().toCharArray();
 			}
 			keyManagerFactory.init(keyStore, keyPassword);
-			return getConfigurableAliasKeyManagers(ssl,
-					keyManagerFactory.getKeyManagers());
+			if (ssl.getKeyAlias() != null) {
+				return getConfigurableAliasKeyManagers(ssl,
+						keyManagerFactory.getKeyManagers());
+			}
+			return keyManagerFactory.getKeyManagers();
+
 		}
 		catch (Exception ex) {
 			throw new IllegalStateException(ex);

spring-boot/src/test/java/org/springframework/boot/context/embedded/undertow/UndertowEmbeddedServletContainerFactoryTests.java

@@ -28,6 +28,7 @@
 import java.util.Set;
 import java.util.concurrent.atomic.AtomicReference;
 
+import javax.net.ssl.KeyManager;
 import javax.net.ssl.SSLHandshakeException;
 
 import io.undertow.Undertow.Builder;
@@ -43,6 +44,7 @@
 import org.springframework.boot.context.embedded.ExampleServlet;
 import org.springframework.boot.context.embedded.MimeMappings.Mapping;
 import org.springframework.boot.context.embedded.PortInUseException;
+import org.springframework.boot.context.embedded.Ssl;
 import org.springframework.boot.web.servlet.ErrorPage;
 import org.springframework.boot.web.servlet.ServletRegistrationBean;
 import org.springframework.http.HttpStatus;
@@ -250,6 +252,16 @@ public void sslRestrictedProtocolsRSATLS11Failure() throws Exception {
 				new String[] { "TLS_RSA_WITH_AES_128_CBC_SHA256" });
 	}
 
+	@Test
+	public void getKeyManagersWhenAliasIsNullShouldNotDecorate() throws Exception {
+		UndertowEmbeddedServletContainerFactory factory = getFactory();
+		Ssl ssl = getSsl(null, "password", "src/test/resources/test.jks");
+		factory.setSsl(ssl);
+		KeyManager[] keyManagers = ReflectionTestUtils.invokeMethod(factory, "getKeyManagers");
+		Class<?> name = Class.forName("org.springframework.boot.context.embedded.undertow.UndertowEmbeddedServletContainerFactory$ConfigurableAliasKeyManager");
+		assertThat(keyManagers[0]).isNotInstanceOf(name);
+	}
+
 	@Override
 	protected JspServlet getJspServlet() {
 		return null; // Undertow does not support JSPs